University of Washington

CYBERSECURITY ANALYST Job at University of Washington in Seattle

University of Washington, Seattle, WA, United States, 98127


The Department: As a member of the Applied Physics Laboratory’s Information Technology (IT) team, the Cybersecurity Analyst will perform cybersecurity activities related to APL’s primary unclassified secure enclave. As a designated Navy University Affiliated Research Center (UARC), APL executes a mix of basic and applied research that supports the University’s educational and research mission, along with providing key benefits to the Naval Research and Development Establishment. APL’s IT enterprise is a critically important enabler for all of its research and administrative functions, and this position will provide essential capabilities to further APL’s and the University’s overall missions.

The Position: Reporting to APL’s Chief Systems Architect, this position provides regular reports and analysis on system functions and network traffic. The person hired will perform regular scans of infrastructure and endpoint systems using industry-standard tools for regulatory compliance and vulnerabilities, providing reports of status and any anomalies found. This position will run reports of user and system activity, and contact users for status updates when standard periods of inactivity are exceeded. They will monitor network traffic analysis tools, implementing and modifying dashboards and automated alert tools so that anomalous activity can be addressed promptly. The position will properly document and communicate the results of their work products within the IT team and to managers for overall situational awareness.

Cybersecurity Analyst Responsibilities: As a Cybersecurity Analyst, your responsibilities will include:
• System Scanning and Remediation: Analyze system scans using industry-standard tools, both scheduled and on-demand as necessary, covering both vulnerabilities and regulatory compliance. Provide an assessment of the threat level for any found vulnerabilities or compliance shortfalls, and devise thorough remediation plans with input from managers.
• Network Logging Analysis: Utilize industry-standard network traffic analysis tools to provide alerts for anomalous events. Build and maintain dashboards for visual inspection, and create automated alert functionality with feeds to engineering email and ticketing systems as appropriate.
• Literature and Product Review: Maintain daily awareness of reporting in the literature regarding publicly known vulnerabilities, exploits, and other cyber threats so that APL can respond in a timely manner.
• Activity Reporting: Run regular reports of the system and user activity, reporting on any findings that exceed a given period of inactivity defined by the policy.
• Documentation: Documentation and communication of findings will be a key part of this position and is a component of all the other defined job functions.

General Requirements: Bachelor’s Degree in Information Systems, Computer Science, Computer Engineering, or Information Security or related field and at least two years of experience as an IT Systems Engineer, System Administrator, or Cybersecurity Professional.

Additional Experience:
• Experience with system vulnerability scanning utilities (e.g., Tenable Security Center, Nessus, Wazuh).
• Experience with network logging tools (e.g., Splunk, Graylog).
• Experience with antivirus and endpoint protection products (e.g., Windows Defender, FortiClient, ClamAV).
• Experience with NIST 800-171 and/or 800-53 standards.
• Demonstrated ability to work independently, make critical decisions, and work effectively with all levels of the organization.
• Excellent interpersonal and written/verbal communication skills.

The person hired into this position must be a U.S. citizen and successfully obtain and continue to maintain a Department of Defense (DOD) Personnel Security Clearance.

While not required, you’ll stand out if you have:
• Microsoft Windows (server and endpoint).
• Linux (server and endpoint).
• macOS.
• Experience with scripting or other languages (e.g., PowerShell, Bash, Python, etc.).
• Revision Management (GitLab, Git, SVN).
• Firewalls (pfSense/FortiGate).
• IDS/IPS (Suricata, Snort).
• Forensic network analysis tools (e.g., Wireshark, tcpdump, nmap, etc.).
• Security concepts and practices: defense-in-depth, encryption, least privilege, etc.

About APL: The Applied Physics Laboratory is a research unit at the University of Washington. Our research expertise is in ocean physics and engineering, ocean and medical acoustics and imaging, polar science, environmental remote sensing, and signal processing.

DEI: Diversity is a core value at the University of Washington and the Applied Physics Laboratory shares this commitment.