Cybersecurity Analyst

Cybersecurity Analyst

Woburn, MA

STR is hiring a Cybersecurity Analyst to aid the Enterprise Cybersecurity Team. The cybersecurity analyst will provide day-to-day cybersecurity operations support.

Responsibilities

• Interfaces and communicates with internal/external stakeholders regularly to identify and review software for use in a CMMC Level 2 environment and eventually CMMC level 3 environment
• Provides consulting relative to cybersecurity strategy, metrics, and compliance
• Supports the development of CMMC cybersecurity assessment related instruction
• Gather evidence in support of audits
• Provides subject matter expertise on matters including governance and oversight, standards and processes, tools and technology
• Support the development, implementation, and management of security policies/procedures to ensure they remain aligned with business objectives/meet regulatory requirements
• Correlate threat information from various sources, including security incidents raised by the user community such as phishing attempts, malware outbreaks, unauthorized access attempts, as well as security alerting sources
• Maintain current knowledge of DoD security and technical guidelines and the organization's policies
• After-hours support is required for incident handling, maintenance and patching when needed
• Collaborate with cross-functional teams to drive security improvements and ensure project objectives are met within scope, time, and budget constraints

Requirements

• Experience in Microsoft Defender and Sentinel, analyzing events and recommended actions
• Experience with Corelight Investigator is highly preferred
• Technical background with a variety of information security systems and tools including firewalls, intrusion detection systems, intrusion prevention systems, vulnerability management, intrusion detection and prevention, cloud access security broker, anti-virus/malware, data loss prevention
• Experience or knowledge designing and implementing controls within corporate networks to include computer and network security and operating systems such as UNIX, Linux, MAC, and WINDOWS, as well as LAN/WAN internetworking protocols such as TCP/IP and network perimeter protection
• Strong analytical skills in order to identify security risks and appropriate measures needed to help mitigate those risks. Must be comfortable conducting independent research into issues and inquiries to provide guidance when requested

Qualifications

• Bachelor's degree in Cybersecurity, Information Technology, or a related field (or equivalent experience)
• 2+ years of experience in cybersecurity, with a focus on architecture, strategy, or special projects
• Understanding of security frameworks (e.g., NIST, ISO 27001) and risk management methodologies
• Hands-on experience with security tools, vulnerability management, and incident response processes
• Experience with security architecture design, including cloud security platforms (AWS/Azure)
• Excellent written and verbal communication skills with the ability to present complex information to both technical and non-technical stakeholders
• Preferred Certifications: CISSP, CISM, OSCP, or equivalent industry-recognized certifications; GIAC certifications (GCIH, GCFA, GCIA) and cloud security credentials (CCSP, AWS Security Specialty) a plus

Pay Information Full-Time Salary Range: $104,000 to $120,000

The salary range listed is based on external market data. Offers are based on factors, such as but not limited to, the candidate's experience, education, training, key skills/critical skills, security clearances, and prevailing market and business conditions.