Position Overview: The CSSP (Cyber Security Service Provider) Cyber Security Analyst (Auditor) supports the mission of United States Southern Command (USSOUTHCOM) by conducting comprehensive audits and assessments of cyber security practices and policies across its networks and systems. This role plays a crucial part in ensuring the integrity, confidentiality, and availability of USSOUTHCOM's information systems, thereby safeguarding critical national security interests.
Key Responsibilities:
Cyber Security Audits and Assessments:
-
Conduct regular audits of USSOUTHCOM's cyber security infrastructure, policies, and practices to ensure compliance with established standards, regulations, and best practices.
-
Perform thorough assessments of network configurations, access controls, security protocols, and incident response procedures.
Vulnerability Management:
-
Identify and assess vulnerabilities within USSOUTHCOM's networks and systems using industry-standard tools and methodologies.
-
Provide recommendations and strategies for mitigating identified vulnerabilities to enhance overall cyber resilience.
Incident Response Support:
-
Assist in the investigation and response to cyber security incidents as part of a coordinated team effort.
-
Document incident findings, remediation actions, and lessons learned to improve future incident response capabilities.
Compliance and Reporting:
-
Prepare detailed audit reports summarizing findings, observations, and recommendations for remediation.
-
Maintain accurate records of audit results, compliance status, and corrective actions taken to address identified deficiencies.
-
Analyst will query information across Active Directory, Endpoint Security and other sources.
-
Analyst will apprise Leadership on compliance status across all enclaves.
Training and Awareness:
-
Collaborate with cyber security teams and stakeholders within JDOC to promote awareness of security best practices and compliance requirements.
-
Provide guidance and training to personnel on cyber security policies, procedures, and emerging threats.
Required Qualifications:
-
Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or a related field (or equivalent work experience).
-
Previous experience (typically 3+ years) in cyber security auditing, vulnerability assessments, or related roles.
-
Proficiency in using cyber security tools and technologies such as vulnerability scanners, ESS / ACAS / SIEM platforms, and network monitoring tools.
-
Knowledge of cyber security frameworks and regulations (e.g., NIST, ISO 27001, GDPR).
-
Strong analytical skills and attention to detail with the ability to analyze complex technical environments.
-
Excellent communication skills, both verbal and written, to effectively convey technical information to diverse audiences.
Preferred Qualifications:
-
Professional certifications such as CISSP, CISA, CEH, or related certifications.
-
Experience working within military or government environments, understanding their specific security requirements and protocols.
Work Environment: This position is based within USSOUTHCOM’s cyber security operations center (JDOC). The role may require occasional travel and the ability to work outside standard business hours to support operational needs or respond to incidents.