FedRAMP Cybersecurity Analyst, Junior

Description: • Engage directly with clients through verbal communication to perform interviews for assessments, understand their needs, and provide effective solutions. • Conduct comprehensive assessments by analyzing cybersecurity documentation and performing evidence collection, interviews, and tests to evaluate compliance with relevant standards such as FISMA, NIST RMF, and FedRAMP. • Creating scripts and utilizing scripting skills to automate repetitive tasks and improve the efficiency of security assessments, reporting, and evidence collection. • Conduct system and network vulnerability scanning and analysis using tools such as Nessus/ACAS, SCC, and DISA STIGs/STIG Viewer. • Prepare clear and accurate reports and documentation, with an emphasis on creating scripts to automate analysis and report generation. • Work independently or as part of a client delivery team in a fast-paced, deadline-driven, remote environment. • Travel up to 25% for client engagements as required. Requirements: • Strong verbal communication skills with the ability to articulate ideas clearly and confidently in face-to-face and phone interactions with clients. • Basic knowledge of Cloud Computing, FedRAMP, FISMA, NIST/DoD RMF, and NIST SP 800-series publications. • Demonstrable scripting skills in at least one language (e.g., Python, PowerShell, Bash) for task automation. • Beginner knowledge of testing tools such as Nessus/ACAS, SCC, DISA STIGs/STIG Viewer. • Strong organizational, planning, and attention to detail skills. • Self-motivated with a strong technical aptitude. • Must obtain a FedRAMP required (A2LA R311) industry certification within 3 months. • The junior assessor must have at least one industry certification from the list: Cisco Certified Network Associate Security (CCNA Security); Cisco Certified Network Associate Cyber Security Operations (CCNA Cyber Ops); Cybersecurity Analyst (CySA+); GIAC Certified Incident Handler (GCIH); GIAC Systems and Network Auditor (GSNA); GIAC Certified Intrusion Analyst (GCIA); Certified Information Systems Auditor (CISA); Certified Information System Security Professional or Associate (CISSP or Associate); Certified Secure Software Lifecycle Professional (CSSLP); Certified Information Systems Security Officer (CISSO); CyberSec First Responder (CFR); CompTIA Advanced Security Practitioner (CASP+); Continuing Education (CE); CompTIA Cloud+ (Cloud+); Global Industrial Cyber Security Professional (GICSP); Securing Cisco® Networks with Threat Detection Analysis (SCYBER). • Travel up to 25% for client engagements as required. • 1+ years of experience in performing or participating in FISMA-based security Assessment and Authorization (A&A) activities. • Experience and technical knowledge in security engineering, secure architecture development, system and network security, authentication and security protocols, applied cryptography, and application security. • Experience in creating and maintaining scripts for cybersecurity tools and processes, such as vulnerability scanning or compliance checks. • Proficiency in performing technical assessments using standard industry tools such as Nessus, DB Protect, Acunetix, and ACAS (for DoD). • Ability to identify and mitigate cyber security risks through formal assessment activities. Benefits: • Incentive Bonus Plans • Medical, Dental, Vision benefits • 401K • 10 Paid Holidays • Generous Paid Time Off Packages • Employee Stock Purchase Plan • Paid Parental & Family Leave • and more! Apply tot his job