Cyber Security Analyst

Top Cyber Security Analyst Skills

Below we've compiled a list of the most important skills for a Cyber Security Analyst. We ranked the top skills based on the percentage of Cyber Security Analyst resumes they appeared on. For example, 7.3% of Cyber Security Analyst resumes contained Vulnerability Assessments as a skill. Let's find out what skills a Cyber Security Analyst actually needs in order to be successful in the workplace.

The six most common skills found on Cyber Security Analyst resumes in 2020. Read below to see the full list.

1. Vulnerability Assessments

high Demand
Here's how Vulnerability Assessments is used in Cyber Security Analyst jobs:
  • Conduct network vulnerability assessments using tools to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures.
  • Involved in vulnerability assessments and vulnerability management processes and coordinate with ISSO in the remediation of all security threats.
  • Provide real-time vulnerability assessments for Information Assurance Vulnerability Alerts, Bulletins, and Technical advisories.
  • Assist in developing responses to internal & external audits, penetration tests and vulnerability assessments.
  • Performed penetration testing, vulnerability assessments, and security audits against network environments.
  • Conducted vulnerability assessments on various critical digital assets of the Nuclear Station.
  • Presented briefings to senior management officials on complex vulnerability assessments performed daily.
  • Analyze target networks, vulnerability assessments and composition of target networks.
  • Conducted vulnerability assessments and management for all systems and environments.
  • Developed and managed vulnerability assessments and management processes and procedures.
  • Perform vulnerability assessments across enterprise network.
  • Perform vulnerability assessments in customer networks
  • Provide threat/vulnerability assessments for leadership.
  • Performed vulnerability assessments, evaluated actions in place to mitigate risk, and the impact on the information and information systems.
  • Assisted in risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs.
  • Lead a small team to provide vulnerability assessments to external customers of the ITA networks.
  • Performed vulnerability assessments on multiple IT & OT (SCADA) enclaves.
  • Reviewed Key Risk Incidents (KRI) detected during Vulnerability Assessments.
  • Provided vulnerability assessments and management using McAfee Foundstone across multiple geographical regions.
  • Supervised defense of global Air Force cyberspace network. Performed cyber systems vulnerability assessments and penetration testing.


2. Network Security

high Demand
Here's how Network Security is used in Cyber Security Analyst jobs:
  • Conduct risk assessments and collaborate with clients to provide recommendations regarding critical infrastructure, network security operations and Continuous Monitoring processes.
  • Conduct near real-time network security monitoring and intrusions detection analysis using security information and event management (SIEM) application.
  • Designed and implemented data network security measures, network intrusion forensics, and certification of systems and networks.
  • Report unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes.
  • Identified and tested vulnerabilities and conducted research in the areas of information system and network security.
  • Monitor and drive network security patching and network security software compliance.
  • Provided network security consulting services to U.S. military customers.
  • Network security policy development and implementation (firewall, ACS, NAC, IPS, CX, FireEye, etc).
  • Execute Government approved security policies, plans, and procedures; implement data network security measures.
  • Develop and implement security policies and data network security measures to prevent breaches and viruses.
  • Design and configure lab network architecture to include Routing, Switching and Network Security.
  • Advised senior military leaders regarding cyber operations, information assurance, enterprise network security, and assimilating emerging technologies.
  • Plan, coordinate, and implement network security measures to protect data, software, and hardware on government networks.
  • Participated in the DISA Cyber Command Readiness Inspection (CCRI) Program for Network Security Reviewers.
  • Performed network security monitoring, detection, and analysis for U.S Joint Forces Command.
  • Design and coordinate the datacenter and global MPLS network security architecture.
  • Queried the Tenable Network Security (Nessus) plugin repository to check for associated CVEs.
  • Resulted in greatly improving the network security and protecting Entergy from Cyber terrorism.
  • Team lead for network security projects involving ASAs, FireEye, Gigamon, ACS, IPS, CX, etc.
  • Specialize in network and host centric analysis (Network Security Monitoring, Live Response, Malware Examination, Reverse Engineering).


3. Information Technology

high Demand
Here's how Information Technology is used in Cyber Security Analyst jobs:
  • Use encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research.
  • Implement information technology security program upgrades due to new technologies and technology advancements.
  • Analyzed and Consulted on all Information Technology (IT) acquisition packages coming from the Program office.
  • Conducted interviews with information technology personnel at NNSA Site Offices and Plants.


4. Incident Response

high Demand
Here's how Incident Response is used in Cyber Security Analyst jobs:
  • Generate detailed security incident reports and disseminate the reports in accordance with incident response and reporting standard operating procedures.
  • Handled any support tickets concerning information security matters, including reports of phishing e-mails and infected systems/incident response tickets.
  • Coordinated efforts and provided timely updates and recommendations to multiple business units during incident response.
  • Participated in the incident response process as necessary including investigating suspicious behavior.
  • Evaluate security incident response policies and recommend changes when necessary.
  • Performed log analysis in support of incident response operations.
  • Perform incident response and remediation.
  • Recovered important deleted files from re-formatted flash drive for incident response acts and performing ethical hacking tests within explicit bounds.
  • Diagnose and resolve technical problems with internal resources, performing computer incident response, forensics, and penetration testing.
  • Provided 24/7 incident response for FDIC's nationwide locations ensuring threats and vulnerabilities are quickly addressed and mitigated.
  • Create monthly Incident Response metrics for CISO, DOE Authorizing Official, and DOE Incident Response Center.
  • Document findings and create reports for CISO, Deputy Director of IT and DOE Incident Response Center.
  • Support Incident response teams during incident investigations, vulnerability assessment, malware analysis and the development of defensive security solutions.
  • Collaborated with the CISO, IT Operations, and MSSP to coordinate cyber security incident response management and forensic analysis.
  • Perform Incident Response in coordination, containment, and to remediate if machine has been compromised.
  • Implemented and supported the backup and restoration program and incident response for cyber assets.
  • Perform Network Monitoring and Incident Response operations supporting a 24x7x365 watch office.
  • Execute incident response processes when a security incident has been declared.
  • Conducted incident response for malware infections in the environment.
  • Responded to critical cyber incidents as a member of the Cyber Incident Response Team.


5. Information Security

high Demand
Here's how Information Security is used in Cyber Security Analyst jobs:
  • Developed information security documentation and provided remediation recommendations for high risk business systems to meet NIST 800-53 requirements.
  • Advise senior executives and leaders on designing and developing new tools and technologies related to information security.
  • Participate in the identification, tracking, and monitoring of information security threats and service operations.
  • Identified vulnerabilities, recommend corrective measures and ensure the adequacy of existing information security controls.
  • Collaborated with the CISO and Business to enhance information security awareness throughout the enterprise.
  • Plan and implement appropriate information security measures to protect networks and information.
  • Educated users on proper information security practices and procedures.
  • Provided internal information security awareness training.
  • Collaborated with the Chief Information Security Officer (CISO) to effectively manage the enterprise information security program at CFA Institute.
  • ANALYZE INFORMATION AND DATA TO RESOLVE ROOT CAUSES OF PROBLEMS: Expert ability to research and resolve information security problems.
  • Developed and Implemented information security governance processes including policies, procedures, requirements, risk management and RBD SOP.
  • Collaborated with the CISO to revise policies governing risk management and information security on an as needed basis.
  • Analyzed completeness and compliance to Information Security policies, Standards, Procedures, Guidelines, and templates.
  • Mentor and train others in information security in addition to training for other technical groups.
  • Operate Electronic Key Management System, other information security duties, and Public Key Infrastructure.
  • Familiarized development team with Federal Information Security Management Act (FISMA).
  • Assisted site in implementation of security measures needed for existing cyber assets in alignment with corporate information security standards.
  • Research new technologies related to Cybersecurity and Information Security and determine usefulness for the organization.
  • Analyzed information security systems; created security deliverables following NIST-37.
  • Evaluate adequacy of Third Party's Information Security Program, including policies, procedures, controls, staff and training.



6. Malware Analysis

high Demand
Here's how Malware Analysis is used in Cyber Security Analyst jobs:
  • Utilized malware analysis techniques (advanced and static analysis) to identify and assess malicious software.
  • Designed network simulation and network emulation or malware analysis.
  • Performed basic malware analysis and reported findings.
  • Performed malware analysis on suspicious email attachments.
  • Used malware analysis to develop IDS signatures (Snort), and create reports for specific threats.
  • Support the EDSOC forensics and malware analysis capabilities.
  • Experience analyzing results of network analysis, malware analysis, and threat analysis. Developing lessons learned and after action reports.
  • Perform malware analysis from shell code exploitation, obfuscation methods, and other exploits as defined in the public domain.
  • Performed malware analysis using well-known tools to produce pertinent IOCs and identify TTPs.


7. NIST Security Policies

high Demand

8. Assurance

high Demand
Here's how Assurance is used in Cyber Security Analyst jobs:
  • Developed and executed a comprehensive Information Assurance training program for junior IA military personnel.
  • Provided consulting services on a wide variety of information assurance topics.
  • Constructed quality assurance practices that were updated quarterly.
  • Assisted in the development and maintenance of DIACAP documentation and artifacts and improved information assurance processes throughout U.S. Army North.
  • Support the Joint Staff Information Assurance program including develop, collect, assess, and report IA metrics.
  • Provided subject matter expertise for review of Information Assurance (IA) related documentation on over 32 systems.
  • Identify specific assurance-related controls that are included in the low-, moderate-, and high-impact baselines.
  • Conduct tests of Information Assurance safeguards in accordance with established test plans and procedures.
  • Conduct Federal Information Security Management Act (FISMA) Information Assurance Annual Security Reviews.
  • Provided metrics to Quality Assurance Team Lead from completed projects.
  • Review all CSIRC generated cyber security tickets for quality assurance and follows up with additional technical analysis and guidance as necessary.
  • Experience with networking concepts, PCAP analysis, TCP/IP fundamentals, cyber security threats, SIGINT and Information Assurance product reporting.
  • Utilized project management and quality assurance practices to ensure the ATO packages reviewed were complete and met client requirements.
  • Assist in the creation of quality assurance reports to maintain that all incidents meet the requirements for reporting.
  • Deliver cyber intelligence to Information Assurance (IA) and entities that defend AMC critical networks.
  • Perform System Administrator duties for the Navy Enterprise Mission Assurance Support System (eMASS).
  • Parse data from Nessus ACAS scans and conduct software assurance scans with Fortify Software.
  • Input security authorization documents into Xacta Information Assurance Compliance System (IACS).
  • Provided ad hoc training to new information assurance analysts and technical writers.
  • Conducted Cyber Network Defense Service Provider (CNDSP) pre-assessments at the NNSA Information Assurance Response Center (NIARC).


9. DOD

high Demand
Here's how DOD is used in Cyber Security Analyst jobs:
  • Drafted alerts and detailed reports identifying network intrusions on compromised DoD hosts.
  • Designed and developed DoD network infrastructures.
  • Interpret incoming (classified and unclassified) Intel reports from various DOD agencies and take appropriate actions.
  • Provide SME support to Army, DoD, and Joint Cyberspace policies, projects and program initiatives.
  • Completed DIACAP Scorecards on various DOD systems in order for systems to achieve Certification and Accreditation.
  • Retained security audits logs both electronic and non-electronic and participated in the DoD/NSS PKI audits.
  • Developed correlation logic to aid in the future detection of threats to the DoD GIG.
  • Provide guidance on developing new documentation to meet the requirements of DODDI 8510.01 DIACAP implementation.
  • Developed risk assessment plans to test and verify system security IAW DOD Instruction 8510.01.
  • Identified threats to DoD infrastructure through real time analysis of logs and collections sensors.
  • Certified in accordance with DODD 8570.1.
  • Review NNSA/DOE, DOD, NISPOM, CNSSI and OMB policy and NIST SP 800 Series.
  • Brief CC/S/A/FA on the status of DoDIN defense.
  • Served as an advisory to Lines of Businesses (LOBs) guided by NIST, DOD, and industry best practices.
  • Maintain currency working knowledge of new technologies, evolving risks and cyber IA tools suitable for use within DoD/AF environments.
  • Review and submit the National Guard Bureau's DoD Cyber Scorecard, which includes all National Guard Joint Staff systems.
  • Collaborated with other DCISE, DoD, and USG analytical cells to ensure all DCISE products contained accurate technical information.
  • Completed various cyber security projects for FAA, DHS, DoD and other Federal agencies as a subcontractor.
  • Project: Patch Management Worked on patch management to maintain the DoD vulnerability program.
  • Maintain security appliances in accordance with DoD standards (e.g.


10. System Security Plan

high Demand
Here's how System Security Plan is used in Cyber Security Analyst jobs:
  • Generate security documentation, including security assessment reports, system security plans, contingency plans and disaster recovery plans.
  • Conduct system security planning and provide security documentation support.
  • Generate, review and update System Security Plans (SSP) against NIST 800-18 and NIST 800-53 requirements.
  • Assisted in the development and maintenance of system security plans and contingency plans for all systems under their responsibility.
  • Participate in the development and/or review of System Security Plans (SSP).
  • Develop and maintained System Security Plans (SSPs) and IA Control responses for assigned systems.


11. Risk Assessments

high Demand
Here's how Risk Assessments is used in Cyber Security Analyst jobs:
  • Participated in risk assessments to periodically re-evaluate sensitivity of the system, risks, and mitigation strategies.
  • Conduct qualitative/quantitative risk assessments; provide business continuity and disaster recovery planning and program support.
  • Performed risk assessments and managed the USCENTCOM Information Assurance Vulnerability Management program.
  • Updated Security Risk Assessments for multiple information systems based on vulnerability findings.
  • Participated in periodic information systems risk assessments.
  • Lead and performed compliance reviews of computer security plans, performed risk assessments, and validated security test evaluations and audits.
  • Conducted on site risk assessments of physician practices and medical groups in support of meaningful use (HIPAA).
  • Conducted security risk assessments as assigned within the approved IT compliance program and department and professional standards.
  • Perform and report on vulnerability scans and risk assessments.
  • Coordinate planning, scheduling and performing the risk assessments.
  • Perform security risk assessments of OPM business initiatives as well as low level information technology configurations and subsequently providing mitigations.
  • Worked with physician as well as management to remediate findings from regulatory audits and risk assessments in order to meet HIPAA.
  • Conduct Risk assessments at onsite and remote as recommended.
  • Conducted cyber threat analysis and provide risk assessments.


12. Intrusion Detection

high Demand
Here's how Intrusion Detection is used in Cyber Security Analyst jobs:
  • Monitor intrusion detection and security information management systems to discover malicious activity on U.S. Army command and control networks.
  • Introduce dashboards to identify preemptive attacks on corporate perimeter using intrusion detection and web application firewall technologies.
  • Developed signatures for intrusion detection systems to identify system exploitation.
  • Conduct firewall research and intrusion detection and determine false positives.
  • Verify potential intrusion detection events.
  • Provided clients assistance in protecting the wireless network by monitoring, detecting, and reporting via AirDefense wireless intrusion detection system.
  • Configured and maintained security equipment and software including firewalls, Intrusion Detection Systems (IDS), and Proxy servers.
  • Provide network intrusion detection expertise to support timely and effective decision making of when to declare an incident.
  • Provide 24/7 continuous in-depth real time network intrusion detection analysis and remediation on a variety of networks.
  • Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.
  • Monitored Intrusion Detection Systems and ArcSight channels for threats and vulnerabilities.
  • Configured, assemble and install Network Intrusion Detection Systems.
  • Configure and monitor Snort Intrusion Detection Software.
  • Perform backend tuning to intrusion detection and health monitoring event management platforms to ensure optimum analysis
  • Provided training on Intrusion Detection System/Intrusion Prevention System, penetration testing using Wireshark.
  • Utilize Intrusion Detection System (IDS) tools and concepts such as Packet analysis, Malware analysis and problem solving skills.
  • Correlated data from intrusion detection and prevention systems with data from firewalls, webservers, and DNS logs.
  • Monitor intrusion detection and prevention systems and other security event data sources on a [ ] basis.
  • Installed & configured AirTight Wireless Intrusion Detection (WIDS) system, Splunk SIEM server.


13. IPS

high Demand
Here's how IPS is used in Cyber Security Analyst jobs:
  • Manage vendor relationships for security compliance.
  • Complete Security Controls Assessments using information types from NIST 800-60, FIPS-199 CIA categorizations, and NIST 800-53 security control baselines.
  • Created and maintained relationships with Fortune 500 companies leading to contract extensions as well as achieving a 98.7% utilization rate.
  • Configured IDS/IPS, penetration testing, firewall rule sets, Vulnerability analysis, Forensics, IDS/IPS rule sets and signature creation
  • Work with the network operations team to ensure that malicious hosts are blocked at the boundary and on the IPS.
  • Provide oversight of the systems and related documentation that are subject to Critical Infrastructure Protection Standards (CIPS).
  • Make recommendations for tuning the host and network-based IDS/IPS to further enhance detection of anomalies.
  • Audit Checkpoint Firewall and IDS/IPS logs for network and security assessments.
  • Build and maintain client relationships with VA through positive interactions.
  • Created custom TippingPoint IPS signatures.
  • COMMUNICATE WITH OTHERS AND CULTIVATE RELATIONSHIPS with external organizations.
  • Organized and facilitated cross-agency meetings concerning analytical sharing and partnerships.
  • Used historical data to create signatures for IPs/domains/URIs and other HTTP content to detect and prevent referrers to malicious content.
  • Updated IPs or domains being poisoned through the Enterprise Email filtering status to prevent network from being compromised.
  • Managed threat-sharing relationships (DCISE, DSIE); received, analyzed and processed shared indicators.
  • Worked with third party vendors to find IPs for each controller that the BMS system uses.
  • Performed analysis on hostile IPs/URLs, confirming that IP/URL is compromised and spreading malicious logic.
  • Served as an information security advisor to our business and IT partners, establishing trust relationships through active engagement and collaboration.
  • Administered Cisco IPS, Snort Sensors, and Tippingpoint SMS/IPS devices and engineered the rollout of the devices and configurations.
  • Managed blacklisting and blocking of malicious/suspicious URLs, TLDs and IPs.


14. IDS

high Demand
Here's how IDS is used in Cyber Security Analyst jobs:
  • Monitored IDS and firewall activity.
  • Implemented a secured S-95 network (IDS-IPS) including firewalls, intrusion detection systems, and intrusion prevention systems.
  • Analyze network traffic and IDS alerts to assess, prioritize and differentiate between potential intrusion attempts and false alarms.
  • Developed and documented procedures for installing, configuring, and managing Snort IDS as a possible enterprise solution.
  • Use provided vulnerability, threat, and recent exploit discoveries to create and deploy Snort IDS signatures.
  • Create, modify, and update IDS and Security Information and Event Management (SIEM).
  • Reviewed and created Snort IDS rules for consistency and to eliminate load strain on the network.
  • Validate intrusion detection system (IDS) alerts against network traffic using packet analysis tools.
  • Monitored IDS, IPS, firewalls, and file integrity monitoring to identify malicious traffic.
  • Worked closely with the engineering team to support the updates/maintenance of the IDS/IPS systems.
  • Work with IDS team on reducing risk, identifying threats and internal compliance issues.
  • Transferred from the Pentagon to fill as technical lead for the IDS team.
  • Performed first line support for NIDS and HIDS network sensors service interruptions.
  • Analyzed, deployed, and tuned signatures for the IDS/IPS systems.
  • Utilized various IDS/IPS systems including Snort and BRO.
  • Recommend IDS filters to eliminate false positives.
  • Contributed to a team of approximately ten Cyber Security professionals working with Intrusion Detection System (IDS) software and hardware.
  • Completed network forensics using network logs from AV, IDS, firewalls, netflow, and proxy logs.
  • Submit requests for new IDS/IPS signatures, or ad hoc information requests.
  • Performed daily packet level analysis and review of IDS, syslog, firewall, bluecoat, netflow, and ironport logs.


15. Security Incidents

average Demand
Here's how Security Incidents is used in Cyber Security Analyst jobs:
  • Produce written products regarding potential information security incidents and technical analysis of a wide range of information security topics.
  • Perform in-depth analysis of escalated security incidents, guiding teammates and initiating impromptu training sessions as necessary.
  • Report and investigate data security incidents as well as the recommendation of corrective actions.
  • Analyze, escalate, and assist in remediation of critical information security incidents.
  • Reported impacts of Security Incidents to FDIC executive management.
  • Completed work orders and complete resolution of security incidents.
  • Coordinate with appropriate organizations regarding possible security incidents.
  • Report on security status and security incidents.
  • Created monthly, quarterly and annual self-assessment metrics for senior management and was responsible for reporting security incidents to the DOE.
  • Provide information regarding intrusion events, security incidents, and other threat indications and warning information to the client.
  • Conduct a weekly review of audit logs of network and application systems noting any security incidents.
  • Coordinated computer security incidents, virus reports, and provide regional INFOSEC guidance.
  • Analyze and take proper actions according to various security incidents and various problems.
  • Document and contain security incidents detected on the network.
  • Provided detailed status updates on existing cyber security incidents to include follow up with client/customer to ensure satisfactory resolution.
  • Provided safe haven for 3,000+ IT device and protected assets with 100% positive control/zero security incidents.
  • Stay up to date with current cyber/network vulnerabilities, attacks, and security incidents.
  • Triaged security incidents in multiple languages including Spanish and French.
  • Generated all technical reports to identify PA assets affected by cyber security incidents using PA network tools (i.e.
  • Assisted with responses to cyber security incidents such as malware detections and malicious activities.


16. POA

average Demand
Here's how POA is used in Cyber Security Analyst jobs:
  • Updated Plan of Action & Milestones (POA&M) and Risk Assessment based on findings assessed through monthly updates.
  • Put together Authorization Packages (SSP, POA&M and SAR) for Information systems to the Authorization Officer.
  • Track and support the closure and reporting of open Plan of Action and Milestones (POA&M) actions.
  • Developed security assessment report, risk calculation, finalized the POA&M spreadsheet as part of the assessment procedures.
  • Perform in-depth analysis on Plan of Action and Milestones (POA&M) items and provided recommendations for resolution
  • Collect input from various assessments and provide a combined Plan of Action and Milestones (POA&M).
  • Updated POA&M tracking sheets as it pertains to information systems vulnerability findings tracking sheets on multiple systems.
  • Contribute to initiating FISMA metrics such as Annual Testing, POA&M Management, and Program Management.
  • Coordinated the remediation of Plan of Action and Milestones (POA&M) findings with various groups.
  • Develop and perform tracking of POA&M items and coordinate with team on mitigation strategies.
  • Conducted gap analysis to make sure correct controls were in POA&M.
  • Track the progression of POA&Ms to ensure that they remain on schedule, and relevant to that particular reporting.
  • Document plans of action and milestones (POAMs), security assessment reports, and test plans.
  • Coordinated with ISSOs and Application Developer to create remediation plan to track POA&Ms.
  • Submitted POA&Ms for vulnerabilities that cannot be mitigated.
  • Create and manage POA&Ms and provide a quarterly POA&M status in.
  • Develop and monitor system level risk (POA&Ms) throughout the SDLC.
  • Identify system risk impact based on emerging cyber threats and system POA&Ms.
  • Documented POA&Ms to remediate vulnerabilities of various traditional systems.
  • Develop SA&A documentation (SSP, SAP, SAR, RAR, POA&Ms) necessary for ATOs.


17. ACAS

average Demand
Here's how ACAS is used in Cyber Security Analyst jobs:
  • Engineer ACAS deployment solution for enterprise network scanning across the laboratory for vulnerability detection and compliance.
  • Performed Vulnerability Management Team ACAS administration duties.
  • Work highly in penetration testing using ACAS security center, work with TIVOLI software pushing patches on a daily basis.
  • Utilized Assured Compliance Assessment Solution (ACAS), to scan for vulnerabilities in host machines to ensure security compliance.
  • Utilized Assured Compliance Assessment Solution (ACAS), to scan for vulnerabilities in work stations and servers.
  • Perform vulnerability scans, analyze results and prepare weekly report using tools such as ACAS.
  • Act as Command POC for subordinate commands regarding issues with ACAS and VRAM
  • Locate and remediate potentially unsafe programs and files using ACAS.
  • Upload audit files to ACAS in preparation for STIG scans.
  • Perform credentialed ACAS scans as requested. Verify accuracy and compliance status of all IT assets.
  • Utilize eMASS, ACAS, and other validation tools to properly recommend system package certification compliances.


18. Security Assessment

average Demand
Here's how Security Assessment is used in Cyber Security Analyst jobs:
  • Participated in security assessment activities, including: client communication, data analysis, assessment documentation and client exit briefings.
  • Created Security Assessment Reports on information systems and applied corrective action plans for remediation and compliance.
  • Performed application security assessment on both internal and external applications.
  • Performed vulnerability scans and security assessments against Army websites.
  • Develop Security Assessment Plan (SAP) to initiate Security Assessment for low, moderate and high control information systems.
  • Mentor and train new hires on the security assessment and Independent Validation and Verification (IV&V) process.
  • Generate a Security Assessment Report (SAR) based on findings to submit to System Owners.
  • Aided in conducting interviews for the creation of implementation statements for the Security Assessment Report.
  • Assisted in the creation of a Security Assessment Report for the Peace Corps.
  • Prepared and submitted Security Assessment Plan (SAP) to CISCO for approval.
  • Incorporate vulnerability scan reports into the Security Assessment Report (SAR).
  • Conducted Security Assessment on the Technical Controls to ensure Compliance.
  • Tracked completion of the Security Assessment Package and report status.
  • Conducted system security assessments based on NIST 800-53.
  • Provided short-term Information Systems Security support for the security assessment of several FAA AVS information systems.
  • Execute data analysis, remediation, process improvements, and technical cyber security assessments.
  • Performed detailed Physical Security Assessments (PSAs) and evaluations of military installations.
  • Performed security assessment utilizing the NISTIR 7628 (Guidelines for Smart Grid Cyber Security).
  • Provided cyber security assessments for the Defense Information Agency-Field Security Operations in support of Cyber Command Readiness Inspections.
  • Provide cyber security and privacy analysis and consulting throughout the security assessment and compliance lifecycle process.

19. Firewall

average Demand
Here's how Firewall is used in Cyber Security Analyst jobs:
  • Evaluated firewall change requests and assess organizational risk.
  • Lead team managing global Checkpoint Firewall infrastructure.
  • Worked on firewall monitoring and configuration.
  • Monitor and review firewall communications.
  • Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.
  • Analyze firewall log data using manual and automated means to look for potential threats or system compromise.
  • Provide oversight and guidance regarding technical policies such as firewall rules, ports, protocols, etc.
  • Monitored security logs from firewalls (Checkpoint) and IDS (ISS and Snort).
  • Create job aids for workstations, servers, firewalls, and switches
  • Reviewed and approved firewall rule creations, modifications, and removals.
  • Researched Data Diode and Firewall boundary levels and defensive strategies.
  • Troubleshoot network firewall issues with multiple profiles.
  • Experienced Hacker, Strong Skills on firewall.
  • Implemented Firewall and Proxy rules.
  • Performed 24x7 customer firewall change requests. Troubleshot points of failure from packet origination to destination.
  • Describe in detail the management or operation of cyber security products, including, but not limited to firewalls.
  • Assist in the implementation of routers, switches, and firewalls as directed by cyber security engineer.
  • Coordinate and address security issues/rights with routers, switches remote user, VMware clients and firewalls.
  • Implement firewall and proxy blocks for malicious IPs, domains and hashes.
  • Install, administer, and maintain Fortinet and Palo Alto UTM Firewalls for organization.

20. FISMA

average Demand
Here's how FISMA is used in Cyber Security Analyst jobs:
  • Conducted FISMA-compliant security control assessments to ascertain the adequacy of management, operational, technical privacy controls.
  • Analyzed submitted documentation to certify sites as being security enabled according to FISMA guidelines.
  • Protected critical information assets and assure compliance with NIST, FISMA, Federal regulatory policies/standards and industry best practices.
  • Performed Federal Information Security Management Act (FISMA) audit reviews using NIST 800-37 rev 1.
  • Coordinated CCRI preparedness assessments to comply with FISMA in support of the Government Task Orders.
  • Monitor controls post authorization to ensure continuous compliance in accordance to FISMA guidelines.
  • Perform self-assessments to obtain passing FISMA Metrics/Scorecards.
  • Provided support for annual FISMA reporting, A&A support for twenty-two different systems following 800-53 standards.

21. Nessus

average Demand
Here's how Nessus is used in Cyber Security Analyst jobs:
  • Performed scans using Nessus and Security Center for vulnerability scans and continuous monitoring of an environment consisting over 11000 endpoints.
  • Performed Nessus active vulnerability scans and compliance checks to validate the integrity of application and operating system configuration baselines.
  • Perform Nessus vulnerability scans on behalf of a global pharmaceutical conglomerate.
  • Performed vulnerability scanning with Nessus.
  • Execute vulnerability, compliance, and web application scans across the network using BigFix, Nessus, and HP WebInspect.
  • Assist or lead technical assessments using standard industry tools such as Nessus, AppDetective, WebInspect, and others.
  • Assisted to conduct Network and Application Vulnerability Assessment (NVA & OASA), using NMAP, Nessus and AppDetectivePro
  • Manage ACAS (Nessus) server as well as run scans on all workstations and servers
  • Worked with Nessus scans and analyze and interpret the results.
  • Configure standalone Nessus scanner for proper use.
  • Conducted compliance and vulnerability scans using Nessus to scan Software-as-a-Service (SaaS) Amazon Web Services (AWS) cloud infrastructure.
  • Use Nessus Vulnerability scanner to scan for vulnerabilities, where vulnerabilities are discovered, documented, reported, and remediated.
  • Experience in ACAS/Nessus or other scanning tools and their communication with McAfee ePo server.
  • Perform daily vulnerability assessment, threat assessment, utilizing Nessus, NMAP & Metasploit
  • Create and update Nessus compliance files for Windows 7, Server 08, Solaris 10 and RHEL 6.
  • Conducted Nessus scheduled and ad hoc scans to support remediation; created/configured custom Dashboard views for reporting vulnerability analysis and compliance.
  • Used a variety of industry leading technologies to conduct cyber security operations including Splunk, Nessus and CheckPoint Firewalls and IPS.
  • Assisted in a vulnerability assessment, using Nessus and Nmap, and a penetration test, using Metasploit.
  • Execute and interpret vulnerability scan (e.g., Nessus, Netsparker) and STIG audit results.
  • Experience with Blue Team tool suite such as Retina, Nessus, NMap, SCAP, and WireShark.

22. Network Traffic

average Demand
Here's how Network Traffic is used in Cyber Security Analyst jobs:
  • Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
  • Monitored network traffic utilization using SPLUNK software utilizing dashboard graphing, charting and reporting.
  • Performed 24/7 security incident monitoring and network traffic analysis with daily review of data.
  • Performed hunt and anomaly-based analysis on substantial amounts of network traffic.
  • Reviewed and analyzed firewall, IDS, and security appliance logs, and network traffic for unusual or suspicious activities.
  • Use reverse engineering tools and techniques as it pertains to network traffic collection and analysis.
  • Monitor and analyze network traffic by investigating events triggered by IDS/IPS sensors and HIDS agents.
  • Analyzed network traffic and IDS alerts against potential intrusion attempts and false alarms.
  • Analyze network traffic and various data to determine the threat against the network.
  • Network security analyst - IDS monitoring - monitor IDS systems network traffic alerts.
  • Monitor and analyze all network traffic for all UTC Companies worldwide.
  • Monitor DoD classified and unclassified network traffic for malicious threats.
  • Monitor ECMC Network traffic for security threats and compliance issues.
  • Monitored and analyzed network traffic and IDS alerts.
  • Analyzed network traffic and released cyber security awareness reports to deployed Navy ships.
  • Monitored network traffic for anomalies.
  • Analyze network traffic logs and syslog data to detect insider threat activities.
  • Analyzed network traffic flows using Wireshark to troubleshoot various network issues.
  • Utilize Netwitness to obtain .Pcap (IP Packet Capture) and network traffic for further analysis.

23. McAfee

average Demand
Here's how McAfee is used in Cyber Security Analyst jobs:
  • Conducted vulnerability scans using McAfee Vulnerability Manager and WebInspect and monitored remediation efforts.
  • Worked with network and infrastructure engineers to create and implement McAfee Move/EPO policies for use with new VDI environments.
  • Researched IDS alerts through McAfee ESM and NSM to form daily reports on network activity and traffic.
  • Created and managed custom signatures in McAfee and SiteProtector Intrusion Prevention Systems to mitigate threats.
  • Administered Cisco IDS's, McAfee firewalls, BIND servers.
  • Submit virus samples to McAfee for signature generation.
  • Deployed point products and upgrades; McAfee Agent, HIPS and VSE.
  • Update the McAfee signature to scan the external drives, laptops, computers and CDs.
  • Worked with monitoring tools such as Wireshark and McAfee NTR (Network Threat Response).
  • Drafted network intrusion cases in McAfee Enterprise Systems Management. Used forensically sound procedures to determine results.
  • Lead McAfee EPO administrator. Evaluated systems and software for impact against the organization's security posture. Ensured compliance with DoD regulations.

24. Splunk

average Demand
Here's how Splunk is used in Cyber Security Analyst jobs:
  • Monitored security logs from Firewalls (Checkpoint) and SPLUNK.
  • Recognize and investigate potential issues by identifying suspicious and abnormal activity utilizing Splunk by analyzing firewall and proxy logs.
  • Monitor computer networks to ensure safeguards are in place to protect data by leveraging BRO logs and Splunk data.
  • Created Splunk queries to search for exploit attempts the company was not currently looking into.
  • Assist in the implementation of Splunk for event log collection and analysis.
  • Used Splunk to investigate traffic data.
  • Perform on-site security testing to detect potential risks using vulnerability scanning tools including Nessus and Splunk.
  • Perform network monitoring by using Symantec SIM, ISS and Splunk to find alerts and gather data.
  • Created Splunk queries and reports to identify alert conditions for questionable access.
  • Analyzed intrusion alerts in Sourcefire, RSA Security Analytics, QRadar, and Splunk.

25. SIEM

average Demand
Here's how SIEM is used in Cyber Security Analyst jobs:
  • Monitor OSI layers 2-7 for malicious traffic, vulnerabilities, or other anomalies using ArcSight SIEM or accessing devices directly.
  • Monitored network alerts and traffic using McAfee Network Intrusion Prevention System (IPS) and ArcSight (SIEM).
  • Analyze and correlate logs from various sources using a Security Information and Event Management system (SIEM).
  • Worked with SIEM Tools to detect malicious activity on a network by monitoring/analyzing real time events.
  • Investigate incidents using SIEM technology, packet captures, reports, data visualization, pattern analysis.
  • Created custom network based signatures to improve defensive posture within NIDS and SIEM.
  • Experience with development of correlation rules within an enterprise SIEM.
  • Coordinated with vendors to assist with the SIEM Tools.
  • Utilize Security Information Event Management (SIEM) software including HP ArcSight and Splunk for security log management and event correlation.
  • Operate SIEM (Nitro) console in order to monitor the environment for events of interest.
  • Researched latest malware attacks & methodology to tune signatures and provide content for SIEM engineering.
  • Utilized Netwitness for full packet capture when correlating events from the SIEM.
  • Trained eight new, incoming analysts on ArcSight SIEM.

26. Wireshark

average Demand
Here's how Wireshark is used in Cyber Security Analyst jobs:
  • Analyze packet data utilizing WireShark and other open source research.
  • Conducted dynamic packet analysis of traffic by using Wireshark and collecting threat intelligence to ensure secure data transmission between classified systems.
  • Utilized Wireshark to examine network captures (PCAP files)
  • Scanned for network vulnerabilities using Nmap and Wireshark for analysis and false positive analysis.
  • Extracted PCAP and .bin files from Wireshark for use in additional research and analysis on anonymous network.

27. RMF

average Demand
Here's how RMF is used in Cyber Security Analyst jobs:
  • Assess external information security audits and integrate vulnerabilities into existing Risk Management Framework (RMF) process.
  • Adapt Risk Management Framework (RMF) principles found in NIST 800-37 to organize daily and future tasks to be completed.
  • Assist in the development of a risk heat map in support of RMF Step 6, Continuous Monitoring.
  • Analyzed and Assessed RMF implementation on two DOD systems and documented residual risk information on system POAM.
  • Perform C&A review and system compliance validation before submitting completed artifacts for DIACAP/DIARMF package.
  • Experienced in system classification and categorization using the RMF processes to ensure system CIA.
  • Ensured required Annual Security Testing for unclassified systems per RMF Knowledge Service.
  • Utilized RMF methodology as guidance during A&A resiliency efforts.
  • Initiated and review artifacts in compliance with NIST RMF process.
  • Helped in the transition of DIACAP packages over to RMF.
  • Prepare and submit completed RMF packages for approval and accreditation.
  • Complete Risk Management Framework (RMF) package.
  • Register the systems to make sure that they are FISMA compliant and support the RMF process for C&A.
  • Participated in development and review of DIACAP/RMF documentation, Networthiness Documentation, and ensure STIG compliance and validation.
  • Reviewed/Edited Cyber Security Documentation required for ATO (Authorization to Operate) in compliance with NIST RMF process.
  • Validated appropriate RMF compliance for 67 control families which produced full ATO for two IT sub systems.
  • Experience with RMF process and writing POA&Ms prior to conducting cyber security assessments for DISA.

28. ArcSight

average Demand
Here's how ArcSight is used in Cyber Security Analyst jobs:
  • Design and monitor dashboards in the ArcSight ESM to discover malicious attack coming in and out of the networks.
  • Reviewed, prioritized, and analyzed incident reports using NIKSUN, ARCSIGHT and ASIM CIDDS.
  • Provided ArcSight and Intrushield account administration.
  • Performed information gathering from appropriate tools and databases such as ArcSight correlation tool, log appliance and packet capture.
  • Performed investigation and analysis utilizing different tools such as Symantec Network Security, McAfee IPS, and ArcSight correlation tool.
  • Conducted investigation into suspicious network events with tools including ArcSight/McAfee ESM, Splunk, Snort IDS, and Altiris.
  • Perform investigation and remediation with ArcSight Logger, RSA Netwitness, and Wireshark.

29. Security Events

average Demand
Here's how Security Events is used in Cyber Security Analyst jobs:
  • Work with provider of Security Event Monitoring, review security events and manage any resulting investigation and implementation of remedial action.
  • Performed advanced functions in the following areas: tracking of all reported security events/incidents and their resolution.
  • Monitor for and investigate potential and significant security events and incidents.
  • Develop CND assessments and reports, daily and weekly trends of incidents, and security events across the DOD.
  • Served as a Crisis Management Information Manager on the OSD Watch staff during exercises and National Special Security Events.
  • Use SIEM technologies and other native tools to perform the monitoring of security events on a 24x7 basis.
  • Perform log analysis regarding security events and monitor & respond to security events on a 24/7 rotating schedule.
  • Collect, analyze and correlate Network Intrusion Prevention System event logs in an effort to validate security events.
  • Review security events that are populated in a Security Information and Event Management system (SIEM).
  • Detect, create tickets, report, and perform classification of computer security events and incidents.
  • Analyze, research, and investigate all security events, incidents, and security violations.
  • Developed assessments and reports, weekly trends of incidents, and security events.
  • Work effectively with technical staff members in other groups to resolve security events.
  • Answered user calls and provided incident response to security events.
  • Develop and implement standard methodology using ArcSight Use Case UML processes that identify procedures for correlating security events.
  • Seek resolution of identified Cyber Security Events through collaboration with security professionals across the United States.
  • Analyzed network traffic and security events in a critical and challenging cyber environment.
  • Assisted with filtering Splunk Enterprise Security events.
  • Correlate actionable security events; perform traffic analysis using analytical tools, malware analysis concepts and various network sensors.

30. STIG

low Demand
Here's how STIG is used in Cyber Security Analyst jobs:
  • Performed data security incident and event investigations and responsible for escalation of security-related problem resolution and final root cause analysis.
  • Performed immediate incident investigation and escalation to clients through alert configuration based on data priority and event severity while on-call.
  • Work collaboratively with various departments Operational Divisions to conduct event and incident investigations and correlations to discover existing threats.
  • Conducted internal investigations on employees who were suspected of using corporate assets for misconduct.
  • Verified and coordinated investigation of security incidents with analyst and production teams.
  • Perform thorough investigations of Security Incidents using available tools and resources.
  • Conducted counterintelligence investigations/inquiries and prepare formal reports of findings and recommendations.
  • Coordinate with JC3-CIRC and investigate security incidents reported against agency networks.
  • Conducted exploit and vulnerability research and investigations.
  • Created custom channels within ArcSight ESM used to find and investigate anomalous or malicious activity on company networks.
  • Assist with the investigation, resolution, and tracking of process and submission discrepancies and irregularities.
  • Investigate, document, and report on information security issues and emerging trends.
  • Investigate computer incident and provided report to the Forensic Team for follow-up.
  • Translate analytical findings into security use cases which walk through the monitoring, investigation, and detection scenarios for security incidents.
  • Performed comprehensive investigations of cyber security breaches and collected metrics.
  • Performed comprehensive investigations of cyber security breaches.
  • occur, investigate and triage to determine cause and further action.
  • Supported cyber security investigations amongst: IDS/IPS systems.
  • Assist in discovery of cyber vulnerabilities, investigation of global cyber security incidents, and prepare Cyber Security Incident Report.
  • Utilize REGEX and various scripts (OpenDNS Investigate.py, WebsensePING.bat, TekDefense Automater.py.

31. Security Tools

low Demand
Here's how Security Tools is used in Cyber Security Analyst jobs:
  • Design and integrate custom rules and reports into military security tools and data collection architectures.
  • Resolve issues identified with security tools and systems on a daily basis, ensuring BAU.
  • Involved in vetting and suggesting security tools and solutions at Silicon Valley Bank.
  • Performed tuning, routine maintenance, and updates on our security tools.
  • Utilized security tools such as Nessus for network hosts vulnerability scanning and remediation.
  • Researched, evaluate and test new cyber security tools and capabilities. Highly effective communicator (both verbal and written).
  • Created documentation on security tools and their use, while developing use cases for analyzing malware and phishing campaigns.
  • Key member of Incident Response team to use security tools like Q-Radar & Splunk.
  • Analyzed new and existing cyber security tools for use in the CHIL.

32. DISA

low Demand
Here's how DISA is used in Cyber Security Analyst jobs:
  • Planned development to include assessment and understanding of system safeguards, security provisioning and disaster preparedness and test plans.
  • Maintained network equipment, testing of satellite equipment, safety and functionality of NASA Disaster Recovery Vehicles.
  • Performed review of business continuity and disaster recovery planning, implementation and plan testing results.
  • Collaborated with IT Leadership to support risk management activities around disaster recovery and business continuity.
  • Implemented contingency and disaster recovery plans reflecting business priorities of executive management.
  • Experienced in planning and testing business continuity and disaster recovery plans.
  • Involved in the preparation of Disaster Preparedness guidance and documentation.
  • Provide reports on new developments in briefings, presentations and other formats to DISA leadership and subordinate organizations.
  • Developed Security Support Interview Questionnaire for clients according to SANS 20 Critical Controls, NIST, and DISA.
  • Assisted in the maintenance of network equipment, testing of equipment and functionality of NASA Disaster Recovery Vehicles.
  • Provide the DISA staff an integrated picture of daily enterprise services status and emergent computer/network incident details.
  • Evaluated and recommended approval, disapproval, or waivers for IS processing national security data.
  • Developed policies, procedures, and work instruction, and disaster recovery plans.
  • Check all laptops entering building to ensure wireless disabled through BIOS.
  • Created Disaster Recover Plan for United States Dept.
  • Responded to DISA's weekly IAVA reports.
  • Served as a project lead to coordinate the schedule for the Security Readiness Review (SRR) Walkthrough courses with DISA.
  • Submitted trouble tickets to DISA for issues with mitigations and reporting compliance to IAVAs.

33. SOC

low Demand
Here's how SOC is used in Cyber Security Analyst jobs:
  • Conduct proactive computer network defense operations based on established NSOC procedures.
  • Provided support for the NSOC's Incident Response 24x7 support capability during non-core business hours consistent with CND requirements as needed.
  • Develop risk management guidelines associated with the SA&A process and recommend improvements to authorization processes.
  • Provide timely reporting and escalation of all incidents reported directly to Secure Operation Center (SOC).
  • Assess and communicate all security risks associated with any and all practices performed by the company.
  • Advise PM Mission Command concerning the RMF process and associated actions required for system accreditation.
  • Developed training for U.S. Special Operations Command (SOCOM) FOIA subject matter experts.
  • Review and provide feedback of potential security software to be utilized by the SOC.
  • Use ProofPoint to blacklist email addresses block senders and IP addresses associated with SPAM.
  • Conduct a social engineering campaign to find physical security flaws at headquarters.
  • Responded to security escalations received from the Security Operations Center (SOC)
  • Performed and documented various types of social engineering tasks.
  • Collaborate with the risk manager and vulnerability management teams to obtain situational awareness on emerging weaknesses associated with possible exploits.
  • Present recommendations regarding management, operational, or technical controls to mitigate risk associated with noncompliant controls.
  • Provide 24/7 shift coverage as a member of the Cyber Security Operations Center (CSOC), Regional Computer Emergency Team.
  • Assist project manager with shaping SOC operations at HUD. Learn logistics of Hyperion program for training and development purposes.
  • Created and implemented workflow and QA process used by SOC.
  • Created SOPs for handling incidents through its lifecycle, in order for the SOC to be in compliance for security requirements.
  • Collaborated and gathered information for cyber intelligence reports, per the direction of CSOC Management and the Cyber Intelligence Team.
  • Monitor the Security Operations Center (SOC) hotline, email inboxes, and other communications.

34. Computer Networks

low Demand
Here's how Computer Networks is used in Cyber Security Analyst jobs:
  • Provide computer security-related assistance to field units in countering vulnerabilities, minimizing risk, and improving posture of computer networks.
  • Analyze digital/computer networks and task emerging targets for collection.
  • Maintain and administer computer networks and related computing environment.
  • Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information.

35. Cyber

low Demand
Here's how Cyber is used in Cyber Security Analyst jobs:
  • Conducted intelligence analysis support of national and combatant commander cyberspace requirements.
  • Maintained CYBERCOM compliance reporting in DISA's Vulnerability Management Systems (VMS) IAVM program.
  • Monitored hostile, unknown, and friendly computer network operational pictures maintained by other cyber organizations.
  • Developed, in conjunction with IT and Cyber Security Support development, functional specification documents.
  • Manage company-wide efforts in areas of security monitoring, cyber threat and vulnerability management.
  • Identified the key technical threats relevant to PA as reported via Cyber News advisories and report findings to management.
  • Reviewed all documentation provided by other Cyber Specialists and Auditors and signed off on the assessments as reviewer.
  • Review available cyber surveillance data to further develop and improve the threat scenarios and use cases.
  • Provide on-site Cybersecurity and IA technical expertise as it pertains to federal and U.S. Navy guidance.
  • Led business evidence data request teams for two CIP cyber security compliance audits.
  • Helped develop the Threat Intelligence Cycle for the Cyber Threat Intelligence Team.
  • Spearheaded methodology changes to the composition of Critical Cyber Asset List.
  • Plan and develop products for the annual Cyber Security conference.
  • Supported the U.S. Senate as a Cyber Security Analyst.
  • Recommended a standard approach Cyber Security Policy Exceptions process for raising exceptions to the Cyber Security Policy.
  • Coordinated all technical aspects of software and hardware patching initiatives that affect Cyber Security to the PA (i.e.
  • Understand cyber-attack methods such as SQL Injection and Cross Site Scripting attacks (XSS).
  • Supported and maintained anti-malware software on all cyber assets.
  • Prepare a Cyber Data Analytics report.
  • Support the development of new cyber data analytics techniques, and prepare a Cyber Analytics Report.

36. Security Posture

low Demand
Here's how Security Posture is used in Cyber Security Analyst jobs:
  • Strengthened security posture utilizing the Risk Management Framework and supported the overall security program by implementing policies and procedures.
  • Assist ARCENT customer in continuous management of security posture, performing both offensive and defensive computer operations.
  • Created a Continuous Monitoring Dashboard which provides an over-view of current security posture.
  • Performed vulnerability assessment of computers and networks to evaluate their security posture.
  • Proposed and implemented changes to bolster network security posture.
  • Develop a Scorecard, published monthly, that depicted the overall security posture of the command's information systems.
  • Assisted in updating DNS BlackHole and IP Block List and ensured high side security posture.
  • Participated in client interviews to determine the security posture of the System.
  • Reported recommendations used to enhance the security posture of the client.
  • Implement approved changes that address the security posture.
  • Enhanced the cybersecurity posture of the Transportation Security Administration (TSA), and its stakeholders.
  • Assess the Army's Cybersecurity posture to determine capability gaps and remediation towards a holistic approach.
  • Maintain highest physical security posture using NISPOM standards for guidance.

37. Contingency Plans

low Demand
Here's how Contingency Plans is used in Cyber Security Analyst jobs:
  • Assisted with development of Contingency Plans, Disaster Recovery Plans, and Incident Response Plan for Information Systems using NIST SP 800-34.
  • Develop and monitor Contingency Plans (CP), Incident Response Plans (IRP) and specific security documentation.

38. Linux

low Demand
Here's how Linux is used in Cyber Security Analyst jobs:
  • Provided maintenance visits on a monthly basis, troubleshooting various technical problems and performing operating system administration with Linux-based computer systems
  • Perform in-depth analysis on Linux web host servers to identify sources of intrusion and vulnerability.
  • Scan for application, server and web vulnerabilities on Windows, Linux, Mac OSX and network equipment.
  • Installed, monitored and supported Web and Application Servers on Linux environments.
  • Scripted Unix/Linux STIGs for reduced analysis time and improved accuracy.
  • Perform server administration tasks on Windows Server 2008 R2, Windows Server 2012 R2 and Linux CentOS and openSUSE based servers.
  • Installed and configured operating systems including Windows, iOS, Android, Apple OS X, and Linux.
  • Conducted classified information system (Windows, Linux) audits to ensure NISPOM compliance.

39. Security Requirements

low Demand
Here's how Security Requirements is used in Cyber Security Analyst jobs:
  • Review system-level requirement documentation to ensure system security requirements, including certification and accreditation (C&A) are incorporated.
  • Provided advice and guidance to department personnel on information security requirements, policies, and guidelines.
  • Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards.
  • Validated system security requirements and recommended solutions in order to comply with DOD guidelines.
  • Monitored controls post authorization to ensure continuous compliance with the security requirements.
  • Analyzed detailed security requirements, recommended courses of action to the Information Assurance Manager (IAM) and System/Network Administrators.
  • Provided Risk Assessments for Clients and evidence to ensure that Security requirements were being met with White Hat.
  • Apply security requirements to an operating system for the NE or CE used in their current position.
  • Developed enterprise level security policies and procedures addressing enterprise cybersecurity requirements to maintain compliance and alignment with national strategic directives.
  • Implemented information security requirements for IT systems throughout their life cycle from the requirements definition phase through disposal.
  • Served as a Cryptologic Linguist in support of Army, Joint, and National Security requirements.

40. Hbss

low Demand
Here's how Hbss is used in Cyber Security Analyst jobs:
  • Evaluate HBSS product advancements and provide recommendations for planned testing; develop implementation schedules for deployment into the production environment.
  • Develop HBSS policies and procedures to meet scanning and reporting requirements with the use of Policy Auditor.
  • Perform troubleshooting of HBSS components and deployment of agent modules and approved policies.
  • Monitored and managed ticket queues associated with HBSS on a daily basis.
  • Perform upgrades and configuration changes which support NRL HBSS infrastructure maintenance objectives.
  • Trained 16 analysts in network forensics using HBSS and ACAS.
  • Reported events as well as signature modification requests in HBSS.
  • Develop HBSS customized Dashboards based on DISA requirements.
  • Instructed HBSS, IMS, and the Instructor Certification Course for the 33rd NWS.
  • Certified in (HBSS) (ACAS).
  • Build and deploy multiple HBSS servers across various networks and perform all policy creation to meet the security requirements of the customer.
  • Assist in applying all applicable HBSS STIGs, IAVM directives, DoD, OSD and Navy instructions to the NRL architecture.
  • Document and maintain HBSS compliancy across the MCEN.
  • Monitored HBSS and ePO for unauthorized rogues, inactive devices, and malware-infected machines.
  • Managed "enterprise" IT services such as LDAP, NTP, DNS, and HBSS.
  • Administer and monitor Windows-based McAfee HBSS and ePolicy Orchestrator (ePO) servers.

41. Threat Assessments

low Demand
Here's how Threat Assessments is used in Cyber Security Analyst jobs:
  • Collaborate with intelligence community (IC) partners to share and collect cyber threat data for use in strategic threat assessments.

42. Situational Awareness

low Demand
Here's how Situational Awareness is used in Cyber Security Analyst jobs:
  • Coordinate with other NAS monitoring entities to obtain all required event information and maintain full situational awareness.
  • Developed Analysis Reports and Situational Awareness Reports on computer network exploitation intelligence and activity.
  • Review open and closed source vulnerability resources to maintain situational awareness of emerging threats.
  • Provide situational awareness and operational update briefings to DISA leadership.
  • Produced and briefed a daily report that provided situational awareness to the Director DIOCC and Combatant Commands.
  • Maintained cyber security situational awareness and prepared incident reports of analysis methodology and results.
  • Prepared and briefed daily activity reports to Army leadership regarding situational awareness of Army network and systems and cyber threats.
  • Research DoD directives, authorized service interruptions, and task orders to provide situational awareness to leadership.
  • Maintained situational awareness and provided cyber threat intelligence of online threats and hacktivist activities through open source intelligence and FS-ISAC.
  • Coordinate with the Incident Responders and Senior Analysts to maintain situational awareness of issues within our respective AORs.

43. ATO

low Demand
Here's how ATO is used in Cyber Security Analyst jobs:
  • Provided executive briefings to senior management and advised site administrators on best business practices and remediation techniques for the vulnerabilities found.
  • Installed and configured specialized machines for intelligence analysts, database administrators, developmental and testing engineers.
  • Developed formal mitigation plans to be submitted to regulatory bodies in response to issued regulatory violations.
  • Work with infrastructure and database administrators to ensure logging of events and notifications to EnVision appliances.
  • Correlated network event data with national intelligence collection for indicators and warnings of intrusion or attack.
  • Analyze data of scanned hardware/software to prepare vulnerability assessment reports to system administrators and management.
  • Provide guidance to systems administrators to implement corrective actions to mitigate risk.
  • Analyze over 1,500 indicators of compromise per week to ensure that network of over 500,000 users is not affected.
  • Identify, triage and document findings to system administrators, desktop and server patching groups.
  • Prepared ATO letter and Executive Summary Report for CISO approval.
  • Digested numerous intelligence reports and documented indicators of compromise (IOCs) from said intelligence reports supporting hunt-based network analysis.
  • Operated as VMware administrator and ensured team's mission-critical equipment was 100% operational and mission ready.
  • Conducted self-assessments to self-certify business cyber security compliance with regional regulatory bodies.
  • Remained informed on trends and issues in the security industry, including current and emerging technologies and regulatory and compliance issues.
  • Provided Laboratory staff with guidance on policy and best practices via security hotline and monthly policy briefings.
  • Worked closely with senior leadership as a trusted facilitator and IT strategic advisor and project manager.
  • Determine system adherence with cyber security standards as described in Regulatory Guide 5.71 and NEI 08-09.
  • Perform as a Navy Validator for packages in SPAWAR.
  • Project Coordinator for the USSTRATCOM Cyber OPORD Assessment.
  • Upload reports per site via HTTPS Webservices page and communicate with TEKsystems coordinators to make sure building network information is accurate.

44. Retina

low Demand
Here's how Retina is used in Cyber Security Analyst jobs:
  • Provide scan process related guidance and technical support for Retina to FSO vulnerability scanners in the field.
  • Job Summary: Utilize e-Eye Retina to run network discovery scans.
  • Scan computers using QTIP/ACAS/RETINA looking for malicious software/hardware on the network.
  • Experience running SCAP benchmarks, Retina scans and familiarity with ACAS.
  • Performed weekly Retina scanning of the entire USAFRICOM network.
  • Provide formal Retina classroom training for FSO vulnerability scanners for the purpose of maintaining product certification/recertification as required by FSO.
  • Perform and interpret regular vulnerability assessment scans using Retina and Nessus network scanners.
  • Performed weekly vulnerability scans, utilizing a number of approved tools to include Retina, STAT, and QTip.
  • Maintained system health of all MARCERT managed systems including Network Security Managers, IPSs and Retina scanners.

45. Network Operations

low Demand
Here's how Network Operations is used in Cyber Security Analyst jobs:
  • Provided Computer Network Defense and Digital Network Intelligence in support of the 5th Fleet AOR and National Threat Network Operations Center.
  • United States Navy Computer Network Operations Planner (Intelligence Specialist First Class, US Navy)
  • Provide PKI support for the Marine Corps Network Operations Security Center.
  • Monitor network operations using Spectrum and Solar Wind.
  • Support of 24/7 Marine Network Operations and Security Center (MCNOSC) cyber security efforts.

46. Internet

low Demand
Here's how Internet is used in Cyber Security Analyst jobs:
  • Verified compliance with DISA Security Technical Implementation Guides (STIG) and Center for Internet Security (CIS) Benchmark checks.
  • Assist clients in troubleshooting, analyzing Internet content and sources, and advising on suitable courses of action.
  • Gathered and analyzed file system, internet history, memory forensics, metadata extraction and registry files.
  • Identified 300 compromised hosts infected with malware and participation in peer-to-peer and Internet Relay Chat botnet exploits.

47. Fips

low Demand

48. Active Directory

low Demand
Here's how Active Directory is used in Cyber Security Analyst jobs:
  • Performed management of network members and assets using Active Directory and Directory Resource Administrator.
  • Created, modified and secured Active Directory objects for unclassified and classified environments.
  • Utilized active directory to compare, create and revoke SIPR/NIPR tokens based on the need of the customer or contract.
  • Perform Directory Services Management cleanup of Active Directory by enabling, disabling, moving and/or deleting user accounts.
  • Installed and administered Windows Server 2003, which included installing Active Directory, DNS and DHCP.
  • Processed work orders for users' access in Active Directory and IRAM.
  • Managed FTP servers, Active Directory, wireless access points and load balancers.

49. Malicious Activity

low Demand
Here's how Malicious Activity is used in Cyber Security Analyst jobs:
  • Use Computer Network Defense tools for continual monitoring and analysis of system activity to identify malicious activity.
  • Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information.
  • Identified malicious activity originating from China.
  • Monitor, track, analyze, and record incidents to ensure protection from any potential leaks of malicious activity.
  • Monitored a network-based intrusion-detection system through a console and information management engine for malicious activity on U.S Federal Government networks.
  • Tag reports and malicious activity into Palantir to enhance future searches and to enhance base realm.
  • Utilize Palantir to create graphs on malicious activity for management and malware removal teams.

50. Fireeye

low Demand
Here's how Fireeye is used in Cyber Security Analyst jobs:
  • Execute FireEye analysis on over 25 emails per week to ensure authenticity of intended email.
  • Experience with Linux, FireEye, SourceFire, ServiceDesk, BigFix, and InfoBlox.
  • Monitor FireEye Threat Intelligence and Appliances. Utilize network sniffer tools to perform packet analysis.
  • Install and administer FireEye MX and AX appliances.
  • File analysis using FireEye, Yara, and OPSWAT.
  • Monitor and investigate events from FireEye and Symantec.
  • Conducted malware analysis with the FireEye Malware Analysis System.

20 Most Common Skills for a Cyber Security Analyst

  • Vulnerability Assessments: 11.5%
  • Network Security: 10.4%
  • Information Technology: 8.7%
  • Incident Response: 5.9%
  • Information Security: 5.5%
  • Malware Analysis: 5.4%
  • Nist Security Policies: 5.3%
  • Assurance: 5.2%

Typical Skill-Sets Required For A Cyber Security Analyst

Rank  Skill                      Percentage of Resumes
1     Vulnerability Assessments  7.3%
2     Network Security           6.6%
3     Information Technology     5.5%
4     Incident Response          3.7%
5     Information Security       3.5%
6     Malware Analysis           3.4%
7     Nist Security Policies     3.3%
8     Assurance                  3.3%
9     DOD                        2.9%
10    System Security Plan       2.8%
11    Risk Assessments           2.6%
12    Intrusion Detection        2.4%
13    Ips                        2.1%
14    IDS                        2.1%
15    Security Incidents         2.1%
16    POA                        2%
17    Acas                       2%
18    Security Assessment        1.9%
19    Firewall                   1.9%
20    Fisma                      1.8%
21    Nessus                     1.8%
22    Network Traffic            1.8%
23    Mcafee                     1.7%
24    Splunk                     1.7%
25    Siem                       1.6%
26    Wireshark                  1.5%
27    RMF                        1.5%
28    Arcsight                   1.5%
29    Security Events            1.5%
30    Stig                       1.5%
31    Security Tools             1.3%
32    Disa                       1.3%
33    SOC                        1.3%
34    Computer Networks          1.3%
35    Cyber                      1.2%
36    Security Posture           1.2%
37    Contingency Plans          1.2%
38    Linux                      1.2%
39    Security Requirements      1.1%
40    Hbss                       1.1%
41    Threat Assessments         1%
42    Situational Awareness      0.9%
43    ATO                        0.9%
44    Retina                     0.9%
45    Network Operations         0.8%
46    Internet                   0.8%
47    Fips                       0.8%
48    Active Directory           0.8%
49    Malicious Activity         0.8%
50    Fireeye                    0.7%
