7,019 Cybersecurity Analyst jobs in the United States

• Ability to monitor and respond to security incidents
• Strong understanding of security policies and frameworks
• Knowledge of compliance standards (e.g., GDPR, HIPAA)
• Experience conducting vulnerability assessments
• Proficiency in creating detailed security reports
• Capability to collaborate with teams to improve security posture

• Expertise in using security monitoring tools (e.g., SIEM)
• Knowledge of firewalls and intrusion detection systems
• Familiarity with malware analysis techniques
• Ability to conduct forensic investigations
• Proficiency in scripting for automation
• Strong understanding of network protocols like TCP/IP

• Experience with cloud security tools
• Familiarity with machine learning in cybersecurity
• Knowledge of advanced penetration testing techniques
• Expertise in implementing zero-trust architectures
• Understanding of IoT security challenges
• Certification in cybersecurity (e.g., CISSP, CEH)

• Excellent Salaries
• Flexible Work Schedule
• Cafeteria Style Benefits
• 10% - 401k Matching (Vested Immediately)
• Additional 401k Profit Sharing
• 30 days Paid Leave/Holiday (No Use or Lose!)
• The day off for your birthday
• Medical/Dental/Vision - 100% employee coverage. ($1200 allowance - or a bonus)
• HSA/FSA
• AFLAC
• Long Term/Short Term Disability - 100% employee coverage. No cost to you.
• Life Insurance - 100% employee coverage. No cost to you.
• Additional Discretionary Life Insurance
• Paid Training
• No long, wordy reviews with tons of paperwork!
• Referral bonus program with recurring annual payments

Key Role:

Provide subject matter expertise in the provision of Information Assurance (IA) and Cybersecurity support for Certification and Accreditation (C&A), the Risk Management Framework (RMF) accreditation package and artifact generation, requirements analysis, Security Test and Evaluation (ST&E) plans and execution, risk assessments, systems analysis and hardening, incident response and policy analysis, trusted product evaluations, IA program assessments, and security posture presentations. Provide analytical and technical support for the development and submission of C&A documentation in compliance with RMF requirements. Apply technology expertise and analyze the security implications of system and application security. Provide recommendations to decision makers and engineers.

Basic Qualifications:

• 6+ years of experience with IT and IA
• 6+ years of experience with IA security policy, including ATOs and ATCs
• Experience with the USMC and Navy C&A process, including RMF
• Experience developing test plans and procedures to address the level of effort for the IT system being accredited
• Experience with MCCAST and eMASS
• Experience validating IA requirements for the IT systems being accredited
• Experience with ACAS and STIGs
• Secret clearance
• Bachelor's degree in Cybersecurity
• DoD IAM Level II Certification, including CAP, CISSP, CASP, CISM, or GSLC Certification

Additional Qualifications:

• Experience working with MOUs and MOAs
• Experience with current RMF DoD Cybersecurity and Acquisition policies
• Ability to provide consultation and innovative solutions to clients regarding cybersecurity efforts
• Ability to work as part of a team

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

Compensation

At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page.

Identity Statement

As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Work Model
Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely.

• If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility.
• If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.

Cybersecurity Analyst (onsite Wed, Thurs, Fri and alternating Saturdays 7am-7pm)
Certification requirements:
o t start date must possess an active CompTIA Security+CE certification.
o t start date , must possess one of the following CSSP Incident Responder certifications:
§ CySA+, CEH, or GCIH
o When 8140 requirements are implemented on program/contract, employee will need to conform to 8140 certification standards.
• Please note that pursuant to a government contract, this specific position requires U.S. Citizenship.
All applicants must have current DoD Secret clearance day one and prior to entry on duty.

Supports the Army National Guard Department of Defense Information Network's IT infrastructure, cybersecurity, application hosting and associated services. This enterprise network, one of the nation's largest in the Department of Defense, provides soldiers with access to the Internet, securely allows them to connect with other databases and networks, and provides leaders with tools for training, mission planning and execution. The network supports more than 124,000 users at 3,000 locations across all U.S. states, territories, and the District of Columbia.
• Bachelor's degree from an accredited institution in cybersecurity, information assurance, computer science or a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience.
• Please note that pursuant to a government contract, this specific position requires U.S. Citizenship.
• ll applicants must have current DoD Secret clearance day one and prior to entry on duty.
• 6+ years of overall demonstrated experience in cybersecurity, information assurance or computer science.
• Certification requirements:
o t start date must possess an active CompTIA Security+CE certification.
o t start date, must possess one of the following CSSP Incident Responder certifications:

§ CySA+, CEH, or GCIH
o When 8140 requirements are implemented on program/contract, employee will need to conform to 8140 certification standards.
• Excellent problem solving, analytical, and decision-making capabilities, including understanding user requirements, troubleshooting technical issues, successfully resolving issues and challenges, and developing creative solutions for process improvement.
• Dependability, in that the individual is consistently at work and on time, follows instructions, responds to management direction, and solicits feedback to improve.
• Must have:
o Strong customer service experience as this position will require candidate to engage with senior military and government leadership.
o bility to present ideas clearly through briefings, meetings and interaction with leadership of different skill sets.
o bility to provide training sessions as required.
o bility to engage with stakeholders to ensure tasks are progressing and meeting timelines.
o bility to work under time constraints and adapt to changes in requirements and new projects.
o bility to maintain and upgrade certifications.
o bility to assimilate information rapidly, motivated to self-study new requirements.
o Maintain current industry knowledge of relevant concepts, practices, and procedures.
• Familiar with:
o DoD 2875

• Build, maintain, and continuously improve ATC's cyber security program and incident response deliverables.
• Partner with internal teams to analyze systems and processes and implement effective security and technology controls.
• Support regulatory compliance efforts, including helping to meet NERC CIP obligations.
• Perform security risk assessments for technology solutions and vendors.
• Assist with the development and maintenance of cyber security policies and standards.
• Collaborate with ATC governance teams, including Internal Audit, Regulatory Compliance, Governance/Risk/Compliance, and the CIP Program Office.
• Stay ahead of industry developments to identify opportunities to enhance cyber security posture.

• Bachelor's degree in Computer Science, Information Systems, Engineering, or a related field preferred.
• Equivalent work experience with relevant certifications may be considered.

• Professional certifications such as CISSP , CISM , or SANS GIAC preferred.
• Experience managing security and technology controls (e.g., NIST, SANS, COBIT).
• Familiarity with security architecture, vulnerability assessments, incident response, and risk analysis.
• Experience supporting or managing compliance activities-especially NERC CIP-is highly desirable.
• Strong organizational and communication skills; ability to manage multiple tasks in a dynamic environment.
• Experience working with cross-functional teams and balancing security goals with stakeholder needs.
• Industry involvement (e.g., InfraGard, ISACA, ISSA, ISC2) a plus.

Benefits:

401(k) matching

Bonus based on performance

Company parties

Competitive salary

Employee discounts

Health insurance

Opportunity for advancement

Paid time off

Parental leave

Training & development

Vision insurance

Wellness resources

SUMMARY

Works to protect a company's network and proprietary and sensitive information. The security analyst will identify and correct flaws in the security system, create procedures for IT employees to follow, and improve the overall security system. The security analyst will analyze logs, events, reports, and security assessments to detect threats and potential threats.

ESSENTIAL DUTIES AND RESPONSIBILITIES include the following:

• Leading efforts to counter security breaches and anticipating and reducing the likelihood of future security alerts, incidents, and disasters. • Defining, planning, implementing, maintaining, and upgrading security measures, policies, and controls. • Writing reports and providing insights on the efficacy of the current security policies, incident responses, disaster recovery plans, and other security-related information. • Assisting with the creation of updates and training programs to secure the network and train the employees. • Develop a thorough knowledge of all security systems in place including, but not limited to intrusion prevention, endpoint security, SEIM, MDM, MFA, NAC, and forensic tools. • Identify, classify, and manage company data. Write and update data classification policy and work with IT to enforce retention policies. • Keeping the security systems up to date. • Monitoring security access and maintaining the relevant data. • Conducting vulnerability testing and risk analyses to assess security and performing internal and external security audits. • Analyzing security breaches to identify the cause and to update incidence responses and disaster recovery plans. • Verifying and coordinating security plans with outside vendors to meet security requirements. • Creating procedures for IT employees and training them in security awareness. • Advanced training certifications may be advantageous. • The ability to work in a high-stress environment. • Excellent verbal and written communication skills, interpersonal, and teaching skills. • Good anticipation, analytical, and problem-solving skills. • The ability to remain current on the latest technology and best practices in information security. • Use ethical hacking tactics to expose weaknesses and identify potential threats.

DESIRED KNOWLEDGE, SKILLS AND ABILITIES

Bachelor's degree Microsoft Excel (advanced) Microsoft Word (basic) Microsoft Outlook (intermediate) CompTIA Security+

• Daily responsibilities include, but are not limited to the following:
• Develop functional and technical requirements; serve as a POC for Information Systems with security issues;
• Prepare and update reports to ensure that the unit complies with mandated internal and external security reporting requirements, including Federal Information Security Modernization Act (FISMA) and Capital Planning;
• Coordinate security program and system elements with the agency IT Program Managers by evaluating system environments for security requirements and controls including: IT Security Architecture, hardware, software, telecommunications, security trends, and associated threats and vulnerabilities;
• Manage security controls to ensure confidentiality, integrity and availability of information;
• Build security into the system development process and define security specifications to Support the acquisition of new systems;
• Support System Owners or Program Officers on the review of system procurement requests to ensure that security has been considered and included;
• Adhere to and implement system security controls that ensure the protection of Sensitive but Unclassified (SBU) information using authentication techniques, encryption, firewalls, and access controls;
• Conduct Security Assessments independently;
• Create and/or update the System Security Plans;
• Serve as an advisor in risk assessments of all systems and mitigate vulnerabilities;
• Adhere to Continuous Monitoring practices to ensure that security controls are maintained over the life of IT systems
• Assist the System Owner in the development, testing and maintenance of contingency plans, backup and storage procedures;
• Document all procedures according to the organizations standards;
• Audit and monitor application, system and security logs for security threats, vulnerabilities and suspicious activities; report suspicious activities to the agency Incident coordinator;
• Monitor and coordinate patch management and scanning techniques for all unit systems; participate in identification and mitigation of all system vulnerabilities;
• Support and facilitate the security awareness, training, and education program; and
• Assist the Information System Security Manager (ISSM), or CISO in any other security related duties, as required.

• 4-8 years direct experience supporting federal organizations Cybersecurity programs.
• Experience drafting FISMA related artifacts to include: system security plans, incident response plans, configuration management plan, FIPS 199, digital identity risk assessments, security impact analysis, contingency plan, security assessment plans and reports, Plan of Action and Milestones (POA&M), and training materials.
• Experience in applying NIST Special Publications to information systems.
• Experience with performing information system continuous monitoring of security controls to ensure that they continue to be implemented correctly, operating as intended and producing the desired outcome with respect for meeting the security requirements. •
• Knowledge of cybersecurity tools such as: Tenable, Qualys, Governance Risk Compliance (GRC) tools (e.g. Xacta, Risk Vision, CSAM, etc.,).
• Must have DIRECT security assessment and audit experience.
• Extensive and comprehensive understanding of Cloud Services.

• Certified Information Systems Security Professional (CISSP) certification.
• 8+ years experience supporting federal organizations Cybersecurity programs.
• Experience with conducting security assessments, audits, and control implementation in accordance with NIST Special Publications.
• DoD 8570 IAM Level 2.

Kearney & Company is seeking a skilled and vigilant Cybersecurity Analyst to join our dynamic team. The primary objective of this role is to protect Kearney's information systems by preventing data loss through identifying potential threats, implementing security measures, and responding to incidents. This role is crucial in maintaining the confidentiality, integrity, and availability of our data while ensuring compliance with industry standards.

Primary Responsibilities

• Monitor and analyze network traffic for suspicious activities using various security tools and techniques.

• Conduct vulnerability assessments to identify potential security weaknesses.

• Develop and implement security policies, protocols, and procedures to protect sensitive information.

• Investigate and respond to security breaches, incidents, and anomalies in a timely manner.

• Collaborate with IT and other departments to ensure comprehensive security measures are in place.

• Stay up-to-date with the latest cybersecurity trends, threats, and technologies.

• Educate, train, and provide guidance to staff on best security practices and awareness.

• Prepare reports and briefs on security incidents, outcomes, and recommendations.

• Bachelor's degree in Computer Science, Information Security, or a related field.

• Minimum 2 years experience in cybersecurity or a related role.

• Ability to work in a hybrid environment
• Proficiency working in Microsoft environment
• Experience with cybersecurity tools such as Microsoft Defender, Data Loss Prevention, SIEM, vulnerability scanners, and forensic tools.
• Relevant certifications such as CISSP, CEH, CISM, or CompTIA Security+ or other cybersecurity certification
• Fundamental knowledge of OSINT reconnaissance.
• Excellent problem-solving skills and attention to detail.
• Ability to work independently and as part of a team in a fast-paced environment.
• Strong communication skills, both written and verbal.
• Commitment to ethical and responsible conduct.

• Medical, Dental, Vision, Life, AD&D, and Disability Insurance
• 401(k) Retirement Plan and 529 Education Savings Plan
• Flexible Spending & Health Savings

Job Overview Job Title: Cybersecurity Analyst Location: Portsmouth, VA Job Responsibilities Trace Systems is seeking a Cybersecurity Analyst to support the Norfolk Naval Shipyard CIO department (Code 109), and the associated network capabilities are currently supporting activities that directly contribute to Navy Fleet readiness. Some of the functions supported by the network include automated tools that enhance the warfighter’s ability to execute their mission; support to mission areas such as: Fleet logistics, maintenance, ship industrial and maintenance production activities, engineering, supply, legal, readiness, plans and policy, program planning and management, and personnel; hurricane disaster preparedness and response; world-wide support of bases, the war-fighter, and stations; readiness reporting and support; and securing the Homeland. NNSY CIO is responsible for the installation, administration, development, management, and/or maintenance of all networks and systems installed at NNSY and telecommunication services. The CIO provides IT approval for IT purchases made for and by NNSY. This department ensures that all systems and networks operate in a secure manner by implementing and managing an Information Assurance program that meets all Navy and DoD requirements. The project associated with this position is currently in the proposal stage. Duties and responsibilities include but are not limited to: Support the revision of the entire end-to-end Assessment and Authorization (A&A) process. Support for Inspection and Audit conducted at NNSY. Review A&A package submissions to ensure system/network architectures and technical/non- technical operating features adequately protect and defend against unauthorized access, ensure systems availability, and meet DoD/Navy Cyber Security (CS) implementation policy requirements and data protection safeguards. Conduct CS compliance and A&A documentation validation assessments for legacy applications, systems and networks. Develop, or expand existing A&A and CS documentation to ensure complete documentation exists in accordance with DoD A&A and IA/CS policy. Perform Cyber Compliance (CC) risk assessments to evaluate system risks and provide written risk assessment reports including overall risk analysis reviews and recommendations to the Navy Authorizing Official (NAO) and Functional Authorizing Official (FAO). Respond to feedback from the NAO and FAO in the form of comments and instructions to ensure coordination of efforts and to correct errors, information omissions and shortfalls in A&A documentation packages. Communicate feedback to customers, coordinate corrections collect responses and validate prior to forward for processing. Develop procedures to support A&A workflow processes, criteria needed to facilitate authorization processes and NAO/FAO authorization decision milestones. Streamline A&A package efforts based on RMF status and complexity, unless operational requirements necessitate a waiver from the NNSY Package Submission Office (PSO). Support Cyber Security readiness reporting and assess the cyber security posture and identify trends and processes potentially dangerous to network security. Verify Information Assurance (IA) and CS data for units reported via various databases such as Enterprise Mission Assurance Support Service (eMASS), Vulnerability Remediation Asset Manager (VRAM), Navy Continuous Monitoring and Risk Scoring (CMRS-N) and Department of the Navy (DON) Applications and Database Management System (DADMS). Compile and analyze data and develop a weekly/monthly CS Dashboard for NNSY leadership review. Communicate feedback to NNSY CIO identified with CS vulnerabilities to the DODIN and coordinate corrections, collect responses and validate reporting. Provide support in drafting NNSY CIO strategies, plans, policy, and procedures. Assist with Assured Compliance Assessment System (ACAS) scans Ensure audit artifacts are accurate, complete, and accessible, including evidence of continuous monitoring, patch management, user

• Ability to monitor and respond to security incidents
• Strong understanding of security policies and frameworks
• Knowledge of compliance standards (e.g., GDPR, HIPAA)
• Experience conducting vulnerability assessments
• Proficiency in creating detailed security reports
• Capability to collaborate with teams to improve security posture

• Expertise in using security monitoring tools (e.g., SIEM)
• Knowledge of firewalls and intrusion detection systems
• Familiarity with malware analysis techniques
• Ability to conduct forensic investigations
• Proficiency in scripting for automation
• Strong understanding of network protocols like TCP/IP

• Experience with cloud security tools
• Familiarity with machine learning in cybersecurity
• Knowledge of advanced penetration testing techniques
• Expertise in implementing zero-trust architectures
• Understanding of IoT security challenges
• Certification in cybersecurity (e.g., CISSP, CEH)

• Excellent Salaries
• Flexible Work Schedule
• Cafeteria Style Benefits
• 10% - 401k Matching (Vested Immediately)
• Additional 401k Profit Sharing
• 30 days Paid Leave/Holiday (No Use or Lose!)
• The day off for your birthday
• Medical/Dental/Vision - 100% employee coverage. ($1200 allowance - or a bonus)
• HSA/FSA
• AFLAC
• Long Term/Short Term Disability - 100% employee coverage. No cost to you.
• Life Insurance - 100% employee coverage. No cost to you.
• Additional Discretionary Life Insurance
• Paid Training
• No long, wordy reviews with tons of paperwork!
• Referral bonus program with recurring annual payments