Cybersecurity Analyst - Richmond, United States - V2X

Description

At V2X, we are making a difference by delivering decision support tools critical for the protection of our forces when threatened by both physical and Chemical, Biological, Radiological, or Nuclear (CBRN) threats.

As a Senior Cybersecurity Analyst contracted to support the Integrated Early Warning of Chemical, Biological, Radiological, and Nuclear (CBRN) Sensors project for the Department of Defense (DoD), your role is pivotal in ensuring the security of the software systems being developed. Leveraging your expertise in cybersecurity analysis and incident response, you will collaborate with development teams to embed security best practices throughout the software development lifecycle and address security concerns promptly. You will work collaboratively with cross-functional teams to identify vulnerabilities, develop and implement security controls, and ensure compliance with regulatory requirements and industry standards.

Major Job Activities:

• Conducting comprehensive security assessments of software systems and applications throughout the development lifecycle, identifying vulnerabilities, and recommending mitigation strategies.
• Collaborating closely with software development teams to integrate security controls and best practices into the design, development, testing, and deployment phases.
• Performing threat modeling exercises and documenting security threat assessments to identify potential risks and vulnerabilities in software architectures and functionalities.
• Reviewing code and conducting static and dynamic analysis to identify security flaws, coding errors, and vulnerabilities, documenting findings and recommendations for remediation.
• Leading incident response efforts related to cybersecurity incidents and breaches, including conducting forensic investigations, analyzing root causes, and implementing corrective actions.
• Providing guidance and support to junior cybersecurity analysts and development teams, fostering a culture of security awareness and accountability.
• Participating in security reviews, audits, and compliance assessments to ensure adherence to DoD cybersecurity policies, standards, and regulatory requirements.
• Documenting security findings, incident response activities, and mitigation efforts in accordance with DoD reporting requirements and contractual obligations.
• Collaborating with DoD stakeholders, program managers, and security teams to address security concerns, resolve issues, and support the successful delivery of software solutions.
• Developing and maintaining cybersecurity policies, procedures, and standards to mitigate risks and ensure compliance with regulatory requirements and industry best practices.
• Documenting security documentation for upload to EMASS, ensuring completeness, accuracy, and compliance with DoD reporting requirements and contractual obligations.

Material & Equipment Directly Used:

Computer, Phone, and basic office materials.

Working Environment:

• Function in an office environment in a stationary position approximately 50 percent of the time or more.
• Must be able to operate standard office equipment, such as a computer, copy machine, and printer.
• Must be able to travel to customer sites and test events to support cybersecurity testing events.

Physical Activities:

Support for cybersecurity testing events in person.

Education / Certifications:

• Bachelor's degree in Computer Science, Information Security, or related field required; Master's degree preferred.
• Relevant industry certifications, such as CISSP, CSSLP, CEH, or GIAC certifications, are highly desirable.

Clearance Requirement:

Active DoD Secret (or higher) level Security Clearance.

Experience / Skills:

• Proficiency in system design methodologies, architectural frameworks, and modeling tools, with a strong understanding of hardware, software, and network components.
• Extensive experience in cybersecurity analysis, incident response, and documentation, with a minimum of five (5) years in a senior-level role.
• Strong knowledge of software development methodologies, coding practices, and secure coding principles, with expertise in documenting security requirements and implementation details.
• Proficiency in conducting security assessments, vulnerability testing, and code review of software applications and systems, with experience in documenting findings and recommendations.
• Familiarity with DoD cybersecurity policies, standards, and directives, including RMF, NIST SP 800-53, and DoD 8500 series, with experience in documenting compliance efforts for upload to EMASS.
• Excellent analytical and problem-solving skills, with the ability to assess complex security challenges and develop effective solutions, with expertise in documenting incident response activities and outcomes.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with remote teams and stakeholders, with experience in documenting security training materials, procedures, and best practices.
• Experience working on DoD contracts or within the defense industry is preferred.
• Commitment to maintaining the highest standards of professionalism, integrity, and confidentiality in handling sensitive information, with a focus on documenting security documentation for upload to EMASS in accordance with DoD reporting requirements and contractual obligations.

We are committed to an inclusive and diverse workplace that values and supports the contributions of each individual. This commitment along with our common Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation and expand our success in the global marketplace. V2X is an Equal Opportunity /Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, protected veteran status or status as an individual with a disability. EOE/Minority/Female/Disabled/Veteran.

Education / Certifications:

• Bachelor's degree in Computer Science, Information Security, or related field required; Master's degree preferred.
• Relevant industry certifications, such as CISSP, CSSLP, CEH, or GIAC certifications, are highly desirable.

Clearance Requirement:

Active DoD Secret (or higher) level Security Clearance.

Experience / Skills:

• Proficiency in system design methodologies, architectural frameworks, and modeling tools, with a strong understanding of hardware, software, and network components.
• Extensive experience in cybersecurity analysis, incident response, and documentation, with a minimum of five (5) years in a senior-level role.
• Strong knowledge of software development methodologies, coding practices, and secure coding principles, with expertise in documenting security requirements and implementation details.
• Proficiency in conducting security assessments, vulnerability testing, and code review of software applications and systems, with experience in documenting findings and recommendations.
• Familiarity with DoD cybersecurity policies, standards, and directives, including RMF, NIST SP 800-53, and DoD 8500 series, with experience in documenting compliance efforts for upload to EMASS.
• Excellent analytical and problem-solving skills, with the ability to assess complex security challenges and develop effective solutions, with expertise in documenting incident response activities and outcomes.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with remote teams and stakeholders, with experience in documenting security training materials, procedures, and best practices.
• Experience working on DoD contracts or within the defense industry is preferred.
• Commitment to maintaining the highest standards of professionalism, integrity, and confidentiality in handling sensitive information, with a focus on documenting security documentation for upload to EMASS in accordance with DoD reporting requirements and contractual obligations.

We are committed to an inclusive and diverse workplace that values and supports the contributions of each individual. This commitment along with our common Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation and expand our success in the global marketplace. V2X is an Equal Opportunity /Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, protected veteran status or status as an individual with a disability. EOE/Minority/Female/Disabled/Veteran.

Major Job Activities:

• Conducting comprehensive security assessments of software systems and applications throughout the development lifecycle, identifying vulnerabilities, and recommending mitigation strategies.
• Collaborating closely with software development teams to integrate security controls and best practices into the design, development, testing, and deployment phases.
• Performing threat modeling exercises and documenting security threat assessments to identify potential risks and vulnerabilities in software architectures and functionalities.
• Reviewing code and conducting static and dynamic analysis to identify security flaws, coding errors, and vulnerabilities, documenting findings and recommendations for remediation.
• Leading incident response efforts related to cybersecurity incidents and breaches, including conducting forensic investigations, analyzing root causes, and implementing corrective actions.
• Providing guidance and support to junior cybersecurity analysts and development teams, fostering a culture of security awareness and accountability.
• Participating in security reviews, audits, and compliance assessments to ensure adherence to DoD cybersecurity policies, standards, and regulatory requirements.
• Documenting security findings, incident response activities, and mitigation efforts in accordance with DoD reporting requirements and contractual obligations.
• Collaborating with DoD stakeholders, program managers, and security teams to address security concerns, resolve issues, and support the successful delivery of software solutions.
• Developing and maintaining cybersecurity policies, procedures, and standards to mitigate risks and ensure compliance with regulatory requirements and industry best practices.
• Documenting security documentation for upload to EMASS, ensuring completeness, accuracy, and compliance with DoD reporting requirements and contractual obligations.

Material & Equipment Directly Used:

Computer, Phone, and basic office materials.

Working Environment:

• Function in an office environment in a stationary position approximately 50 percent of the time or more.
• Must be able to operate standard office equipment, such as a computer, copy machine, and printer.
• Must be able to travel to customer sites and test events to support cybersecurity testing events.

Physical Activities:

Support for cybersecurity testing events in person.