PBS
PBS is hiring: Security Analyst II in Alexandria
PBS, Alexandria, VA, United States
Position Title:
Security Analyst II
Department:
Cybersecurity & Program Management
Corporate Area:
Technology & Operations
Status:
Regular, Full time Exempt
Manager Title:
Director, Networking & Cybersecurity
Position Overview:
The Security Analyst II is responsible for the design, configuration, testing, and deployment of on-prem and cloud services. They will provide Incident Response, threat hunting and proactive support of all development activities in both the cloud and on-prem environments.
Key responsibilities will include, but are not limited to:
Ensuring anomalous activity is detected and the potential impact of events is understood.
Ensuring that information systems and assets are monitored to identify cybersecurity events and verify the effectiveness of protective measures.
Ensuring detection processes and procedures are maintained and tested to ensure awareness of anomalous events.
Ensuring response activities are coordinated with internal and external stakeholders (e.g., external support from service providers).
Ensuring analysis is conducted to ensure effective response and support recovery activities.
Ensuring activities are performed to prevent expansion of an event, mitigate its effects, and resolve the incident.
Ensuring response processes and procedures are executed and maintained, to ensure response to detected cybersecurity incidents.
Ensuring recovery processes and procedures are executed and maintained to ensure restoration of systems or assets affected by cybersecurity incidents.
Ensuring recovery planning and processes are improved by incorporating lessons learned into future activities.
Ensuring restoration activities are coordinated with internal and external parties (e.g. coordinating centers, other CSIRTs, and vendors).
Additional activities as necessary to support the overall cybersecurity and PBS mission.
Requirements for success:
Experience requirement: Minimum of 3 years' experience working as a systems engineer or administrator.
Minimum of 4 years' experience working as a security analyst.
Minimum of 5 years' cybersecurity experience.
Education and/or certification requirement: GCIH, GCIA, GMON, GCED, or equivalent GIAC defense focused certifications desired.
Certifications by EC-Council, ISC2, Cisco, Microsoft, Fortinet, CompTIA, Offensive Security, etc. to be considered based on relevance to defensive cybersecurity operations.
Bachelor's Degree in a related field such as cybersecurity, information technology, or computer science; equivalent combination of experience may be considered.
Skills and abilities: Ability to participate as a technical lead on all projects requiring cybersecurity expertise and consultation.
Ability to lead a Cybersecurity Incident Response Team (CIRT), Computer Security Incident Response Team (CSIRT) and Managed Security Services Partners (MSSPs) in the execution of daily incident response activities.
Ability to deploy, integrate, configure, and maintain systems which comprise the overall cybersecurity technology stack.
Ability to communicate complex cybersecurity concepts in a clear and concise manner for laypersons unfamiliar with cybersecurity and/or IT concepts.
Desire and ability to help drive organizational adoption and buy-in of cybersecurity policies and standards across the PBS ecosystem.
Eagerness to develop, grow, and maintain strong inter-team relationships across the business to aid in the accomplishment of the PBS mission
Preferred qualifications: Expert knowledge in the following technologies and concepts: DFIR, IAM, PAM, DLP, NGFW, EDR, SIEM, IDS/IPS.
Strong foundational knowledge in IT technologies and concepts not limited to email security technologies, application security, cloud security (IaaS & PaaS, etc.), MITRE ATT&CK, SIEM, SOAR, CASB, MSSPs, DNS, Linux, Windows.
Fundamental knowledge of NIST, MDM, OWASP, PowerShell/Python/JavaScript, MacOS, malware analysis, LOLBAS, vulnerability management, WAF, CIS Benchmarks.
PBS is an Equal Opportunity Employer in accordance with the EEOC and the Commonwealth of Virginia.