• Cybersecurity Analyst - Mid

    ASM Research, An Accenture Federal Services Company (Germantown, MD)


    The Cybersecurity Specialist II is responsible for implementing, operating, and maintaining cybersecurity tools, systems, and processes to protect mission-critical IT infrastructure. Candidate possesses in-depth technical knowledge of infrastructure and cybersecurity technology necessary to integrate, enhance, and manage security mechanisms and tools that protect networks and information systems against vulnerabilities and threats.

     

    Knowledge of CTI, SOC Analysis, and IR is optimal. The role may include creation of custom scripts/alerts/dashboards/reports, providing audit support, maintenance of security tools, and escalation of issues to vendor when necessary.

     

    Additionally, candidate will have at least five years of working knowledge and experience with three or more of the following tools: Tenable, Qualys, Netsparker, AppScan, OpenSCAP, Splunk, Nucleus, ServiceNow, Atlassian Suite.

    Key Responsibilities

    Security Controls

    + Support the implementation, assessment, and continuous monitoring of security controls in alignment with FISMA, NIST 800‑53, and DOE cybersecurity requirements.

    + Conduct control reviews, gather evidence, and validate compliance across systems, applications, and cloud environments.

    + Analyze control deficiencies, document findings, and recommend remediation actions to improve security posture.

    + Assist ISSOs and System Owners with POA&M development, tracking, and closure activities.

    + Maintain security documentation, including control matrices, assessment artifacts, and continuous monitoring records

    2. Cybersecurity Performance Management

    + Implement baseline security configurations and controls across servers, endpoints, and networks.

    + Monitor and validate the effectiveness of security controls, reporting metrics to leadership.

    + Support the collection, analysis, and reporting of cybersecurity performance data.

    + Assist in revising and improving processes to meet DOE and federal cybersecurity standards.

    3. Cybersecurity Operations

    + Operate and maintain cybersecurity systems including SIEM, IDS/IPS, EDR, DLP, ICAM, CDM, and cloud security tools.

    + Perform daily monitoring, detection, and analysis of threats across SC GSS domains.

    + Generate reports on vulnerabilities, configurations, compliance, phishing incidents, and asset health.

    + Assist in firewall configuration, SIEM tuning, and integration of new security tools.

    + Conduct proactive threat hunting and support incident response activities in coordination with SOCaaS providers and DOE iJC3.

    + Execute containment, eradication, and recovery procedures during security incidents.

    + Document incident handling activities and contribute to After Action Reports (AARs).

    Minimum Qualifications

    + Bachelor’s degree in Cybersecurity, Computer Science, or related field.

    + 5–7 years of experience in cybersecurity engineering, operations, or IT security.

    + Hands-on expertise with SIEM, IDS/IPS, EDR, DLP, ICAM, CDM, and vulnerability scanning tools.

    + Experience with security control / management, compliance and audit support

    + Familiarity with DOE cybersecurity policies, FISMA, NIST 800-53, and federal directives.

    + Experience supporting risk management and certification/accreditation processes.

    + Certifications such as Security+, CySA+, CEH, or equivalent.

    Other Job Specific Skills

    + Strong technical troubleshooting and problem-solving skills.

    + Ability to work in fast-paced environments and respond to evolving threats.

    + Effective communication skills for reporting incidents and collaborating with IT teams.

    + Experience with compliance-driven environments and mission assurance activities.

    + Detail-oriented with strong documentation practices.

    + Knowledge of computer networking concepts and protocols, and network security methodologies.

    + Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

    + Knowledge of cybersecurity and privacy principles.

    + Knowledge of information security systems engineering principles (NIST SP 800-160).

    + Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).

    + Knowledge of Privacy Impact Assessments.

     

    Compensation Ranges

     

    Compensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. The compensation displayed for this role is a general guideline based on these factors and is unique to each role. Monetary compensation is one component of ASM's overall compensation and benefits package for employees.

    EEO Requirements

    It is the policy of ASM that an individual's race, color, religion, sex, disability, age, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies.

     

    All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, disability, or age. All decisions on employment are made to abide by the principle of equal employment.

    Physical Requirements

    The physical requirements described in "Knowledge, Skills and Abilities" above are representative of those which must be met by an employee to successfully perform the primary functions of this job. (For example, "light office duties' or "lifting up to 50 pounds" or "some travel" required.) Reasonable accommodations may be made to enable individuals with qualifying disabilities, who are otherwise qualified, to perform the primary functions.

     

    Disclaimer

     

    The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.

     

    $71,800 - $133k

    EEO Requirements

    It is the policy of ASM that an individual's race, color, religion, sex, disability, age, gender identity, veteran status, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies.

     

    All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, veteran status, disability, gender identity, or age. All decisions on employment are made to abide by the principle of equal employment.