Politico is hiring: Cybersecurity Analyst in Arlington

Description POLITICO strives to be the dominant source for politics and policy in power centers across every continent where access to reliable information, nonpartisan journalism and real-time tools creates, informs, and engages a global citizenry. Our mission from the very beginning was to win the audience. We dedicate ourselves to providing accurate, non-partisan, impactful information to the right people at the right time so they can act with confidence and speed. We serve, better understand, and grow our influential audience by creating innovative products and tools that provide limitless value across the globe. POLITICO is seeking a Cybersecurity Analyst with the dedication and drive to implement positive change. As a member of the Cybersecurity team at POLITICO, you will contribute to various technical projects and collaborate with teams across the organization. We are looking for candidates who are excited to contribute and collaborate under guidance to identify and implement effective solutions to improve POLITICO’s security posture. Even if you don’t meet every requirement, we'd love to hear from you! A Cybersecurity Analyst focuses on the security posture of POLITICOs and integration of security tooling, responding to escalated tickets, presenting incident postmortems, and takes an active role in remediation efforts. What You'll Do: Monitor ticket queues and alerts for security incidents and events Investigate incidents and support POLITICOs in real time Write detailed incident response reports Assist with developing and promoting best practices for information security when a gap has been observed Conduct threat research and gain an understanding of the risks associated with the News/Media industry Participate in periodic risk assessments and penetration tests by gathering evidence, sitting in interviews, and tracking remediation efforts Assist with the management and configuration of security solutions that protect the enterprise across network, endpoint, and email vectors Identify policy and process gaps and improvements for information security to align with industry frameworks What You'll Need: 1-3 years experience in a security-related role Familiarity with security tools and frameworks (e.g., SIEM, firewalls, vulnerability scanners) Basic understanding of network security principles, such as firewalls, VPNs, and intrusion detection systems Knowledge of industry standards and compliance frameworks (e.g., CIS Benchmarks, NIST, FedRAMP) Strong problem-solving and analytical skills, with the ability to work in a team environment Hands on experience investigating anomalies and responding to cybersecurity incidents involving user endpoints and cloud resources, including all phases of the digital forensics and incident response process (e.g. preparation, scoping, containment, eradication, remediation, recovery, lessons learned, and closeout) Experience monitoring and defending both user endpoints and cloud computing systems, to include Amazon Web Services (AWS), Microsoft Azure, CrowdStrike, or other common enterprise security technology providers Nice to Have: Possession of an Information Security professional certification (CompTIA SEC+, ISC2 SSCP, AWS Security, etc.) Experience working for a media or digital content delivery organization Hands-on experience with threat modeling, technical writing, and incident response Ability to speak to non-technical colleagues about highly technical issues Experience with computer network defense operations, including incident response, security information and event management (SIEM), host-based detection systems, and firewall logic; Splunk experience is highly desirable We are driven by our values. We are relentless contributors, disruptors of the status quo, collaborators, talent cultivators and DEI stewards. Our culture is defined by grit, total integrity and a prioritization on innovation. We value our people. Click here (https://www.politico.com/blogs/meet-politico/2017/08/24/faq-241910) for more on what we offer and what it’s like to work for POLITICO. Let’s keep in touch. You can view our list of open positions here (https://recruiting.ultipro.com/PER1013PCLL/JobBoard/b972ff6a-41b7-4e97-9c71-273c2595c77d/?q=&o=postedDateDesc) and email us careers@politico.com. We hope to see your application soon! Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)