University of Washington

CYBERSECURITY ANALYST Job at University of Washington in Seattle

University of Washington, Seattle, WA, United States, 98127


Req #: 241575

Department: APPLIED PHYSICS LABORATORY

Appointing Department Web Address: https://seeyourselfapl.uw.edu/

Posting Date: 12/09/2024

Closing Info: Open Until Filled

Salary: $7,500 - $9,584 per month

Shift: First Shift

Notes: As a UW employee, you will enjoy generous benefits and work/life programs. For a complete description of our benefits for this position, please visit our website (https://hr.uw.edu/wp-content/uploads/sites/3/2018/02/benefits-professional-staff-librarians-academic-staff-20230119_a11y.pdf).

As a UW employee, you have a unique opportunity to change lives on our campuses, in our state, and around the world. UW employees offer their boundless energy, creative problem-solving skills, and dedication to building stronger minds and a healthier world.

UW faculty and staff also enjoy outstanding benefits, professional growth opportunities, and unique resources in an environment noted for diversity, intellectual excitement, artistic pursuits, and natural beauty.

The Department: As a member of the Applied Physics Laboratory’s Information Technology (IT) team, the Cybersecurity Analyst will perform cybersecurity activities for APL’s primary unclassified secure enclave. As a designated Navy University Affiliated Research Center (UARC), APL executes a mix of basic and applied research that supports the University’s educational and research mission, along with providing key benefits to the Naval Research and Development Establishment. APL’s IT enterprise is a critically important enabler for all of its research and administrative functions, and this position will provide essential capabilities to further APL’s and the University’s overall missions.

See Yourself at APL (https://seeyourselfapl.uw.edu/) as a member of the Information Technology Department! We are seeking a full-time Cybersecurity Analyst to join the team. This position has a salary range of $90,000 to $115,008 per year ($7,500 - $9,584 monthly), along with great employment benefits and competitive total compensation incentives.

The Position: Reporting to APL’s Chief Systems Architect, who has primary responsibility for the design and maintenance of the unclassified secure enclave, this position provides regular reports and analysis on system functions and network traffic. The person hired will use industry-standard tools to perform regular scans of infrastructure and endpoint systems for regulatory compliance and vulnerabilities, providing reports of status and any anomalies found. This position will run reports of user and system activity, and contact users for status updates when standard periods of inactivity are exceeded. They will monitor network traffic analysis tools, implementing and modifying dashboards and automated alert tools so that anomalous activity can be addressed promptly, and they will maintain awareness of industry developments in cybersecurity-related tools and software packages, making recommendations for improved performance or cost savings as technology develops over time. This position will properly document and communicate the results of their work products within the IT team and to managers for overall situational awareness.

The prime responsibility for this position will be performing day-to-day cybersecurity monitoring of APL’s main computing enclave intended for handling of Controlled Unclassified Information (CUI). IT requirements for CUI handling are flowed down in contractual language, currently most often requiring conformance to NIST SP 800-171, and likely future alignment with Cybersecurity Maturity Model Certification (CMMC). The incumbent must have working knowledge and maintain awareness of these requirements, which change and evolve as the cybersecurity risk landscape increases in scope. APL’s strong field experimentation programs provide additional complexities, with servers, workstations, and laptops being deployed in sometimes harsh environments outside the laboratory, disconnected from conventional networks, and requiring specialized provisioning, support, and monitoring.

Cybersecurity Analyst Responsibilities: As a Cybersecurity Analyst, your responsibilities will include:

System Scanning and Remediation: Analyze system scans using industry-standard tools, both scheduled and on-demand as necessary, covering both vulnerabilities and regulatory compliance. Provide an assessment of the threat level for any found vulnerabilities or compliance shortfalls, and devise thorough remediation plans with input from managers. Work with infrastructure engineers and/or endpoint users as appropriate to effect needed remediations on a prioritized basis.

Network Logging Analysis: Utilize industry-standard network traffic analysis tools to provide alerts for anomalous events. Build and maintain dashboards for visual inspection, and create automated alert functionality with feeds to engineer e-mail and ticketing systems as appropriate. Provide regular reports to managers on trends and anomalies found in the information flow in both north-south (into and out of the network) and east-west (within the network) directions.

Literature and Product Review: Maintain daily awareness of reporting in the literature regarding publicly known vulnerabilities, exploits, and other cyber threats so that APL can respond in a timely manner. Monitor trade publications for new advances in cybersecurity tools and applications, and provide recommendations on how they might be employed at APL to provide improved functionality or cost savings.

Activity Reporting: Run regular reports of system and user activity, reporting on any findings that exceed a given period of inactivity defined by policy. In collaboration with managers, contact users for updates on usage, and determine if unused user accounts or systems can be decommissioned.

Documentation: Documentation and communication of findings will be a key part of this position and is a component of all the other defined job functions. The incumbent must be able to clearly communicate both in writing and orally the results of all work products to a wide variety of audiences: IT team members, managers, end-users in science/engineering, and administration. Written documentation will be archived in repositories or wikis as appropriate.

General Requirements: Bachelor’s Degree in Information Systems, Computer Science, Computer Engineering, or Information Security or related field and at least two years of experience as an IT Systems Engineer, System Administrator, or Cybersecurity Professional.

Additional Experience:
• Experience with system vulnerability scanning utilities (e.g., Tenable Security Center, Nessus, Wazuh).
• Experience with network logging tools (e.g., Splunk, Graylog).
• Experience with antivirus and endpoint protection products (e.g., Windows Defender, FortiClient, ClamAV).
• Experience with NIST 800-171 and/or 800-53 standards.
• Demonstrated ability to work independently, make critical decisions, and work effectively with all levels of the organization.
• Excellent interpersonal and written/verbal communication skills.

Equivalent education/experience will substitute for all minimum qualifications except when there are legal requirements, such as a license/certification/registration.

The person hired into this position must be a U.S. citizen and successfully obtain and continue to maintain a Department of Defense (DOD) Personnel Security Clearance. The process for obtaining a DOD Security Clearance can be viewed using the following links: Processing Applicants (dcsa.mil) or General Investigations and Clearance Processes (dcsa.mil) (https://www.dcsa.mil/mc/pv/mbi/gicp/)

While not required, you’ll stand out if you have:
• Microsoft Windows (server and endpoint).
• Linux (server and endpoint).
• macOS.
• Experience with scripting or other languages (e.g., PowerShell, Bash, Python, etc.).
• Revision Management (GitLab, Git, SVN).
• Firewalls (pfSense/FortiGate).
• IDS/IPS (Suricata, Snort).
• Forensic network analysis tools (e.g., Wireshark, tcpdump, nmap, etc.).
• Security concepts and practices: defense-in-depth, encryption, least privilege, etc.

About APL: The Applied Physics Laboratory is a research unit at the University of Washington. Our research expertise is in ocean physics and engineering, ocean and medical acoustics and imaging, polar science, environmental remote sensing, and signal processing. We conduct research and development that is sponsored by a variety of federal and state agencies and take great pride in our long-standing status as a US Navy-designated University Affiliated Research Center (UARC). Our work takes place not only on the University of Washington campus and medical centers, but in field locations around the world – at sea, in the air, and on polar ice caps. We apply rigorous scientific inquiry and engineering excellence in pursuit of solutions to important problems for the good of our region, nation, and world.

DEI: Diversity is a core value at the University of Washington and the Applied Physics Laboratory shares this commitment. We are focused on building and sustaining an inclusive and equitable research environment for all students, staff, and collaborators. We believe every member of our team enriches our community by exposing us to a broad range of ways to understand and engage with the world, identify challenges, and discover, design, and deliver solutions.

Application Process: The application process may include the completion of a variety of online assessments to obtain additional information that will be used in the evaluation process. These assessments may include Work Authorization, Cover Letter and/or others. Any assessments that you need to complete will appear on your screen as soon as you select “Apply to this position”. Once you begin an assessment, it must be completed at that time; if you do not complete the assessment, you will be prompted to do so the next time you access your “My Jobs” page. If you select to take it later, it will appear on your "My Jobs" page to take when you are ready. Please note that your application will not be reviewed, and you will not be considered for this position until all required assessments have been completed.

University of Washington is an affirmative action and equal opportunity employer. All qualified applicants will receive consideration for employment without regard to, among other things, race, religion, color, national origin, sexual orientation, gender identity, sex, age, protected veteran or disabled status, or genetic information.