Senior Analyst focusing on Information Security and Compliance at Cirque du Soleil. Engaging in threat analysis and improvement of security tools and processes, within a creative company culture.
About the role
- Cybersecurity Auditor performing security analyses and CCRI for NexThreat. Ensuring compliance with cybersecurity regulations and providing actionable recommendations.
Responsibilities
- Independently perform complex security analyses of classified and unclassified applications, systems, and enclaves to verify compliance with security requirements.
- Conduct Command Cyber Readiness Inspections (CCRI) and comprehensive cybersecurity vulnerability evaluations.
- Apply a broad set of security techniques, technologies, and tools to assess security posture in highly complex computer systems and networks.
- Perform vulnerability and risk analyses and participate in computer security penetration studies to identify and remediate security gaps.
- Analyze and define security requirements for computer and networking systems, including mainframes, workstations, and personal computers; recommend practical solutions to meet security requirements.
- Gather, organize, and interpret technical information about an organization’s mission goals and needs; translate findings into actionable security improvements.
- Provide enterprise-wide technical analysis and direction for problem definition, analysis, and remediation of complex systems and enclaves.
- Deliver actionable recommendations and advice to client executive management on system improvements, optimization, and ongoing maintenance across areas, including Information Systems Architecture, Automation, Telecommunications, and Networking, Communication Protocols, Application Software, Electronic Email, VOIP, and Video Teleconferencing (VTC).
- Demonstrate competence across all phases of information systems auditing, from planning and scoping to evidence collection, testing, reporting, and follow-up.
- Prepare clear, concise audit reports and executive summaries with prioritized remediation plans and realistic timelines.
- Collaborate with cross-functional teams (IT, security, operations, and management) to implement and validate corrective actions.
- Stay current with evolving cybersecurity threats, controls, standards, and regulatory requirements to maintain audit readiness.
Requirements
- Must possess a DoD SECRET Clearance and be eligible for an IT-II Non-Critical Sensitive clearance or Tier 3 (T3) upon assignment
- US Citizen, no Dual Citizenship
- Seven years of IT experience.
- Five years of IA (Information Assurance) experience.
- Strong analytical and problem-solving skills for resolving security issues.
- Strong skills in implementing and configuring networks and network components.
- Command Cyber Readiness Inspection (CCRI) experience in at least one of the following areas:
- - Nessus scan analysis
- - Operating Systems (Windows, Unix)
- - Boundary defense (network policy, router, firewall)
- - Internal defense (L2/L3 switches)
- - DNS policy and DNS servers (BIND/Windows)
- - HBSS (remote console, AV, ABM, PA, HIPS, ePO)
- - Traditional security (Common, Basic, NCV, SCV)
- - Wireless communications (BES, handhelds)
- - Tenable Certified Nessus Auditor
- Knowledge and understanding of DoD security regulations and DISA Security Technical Implementation Guides (STIGs)
- Understanding of SCAP (Security Content Automation Protocol)
- Familiarity with and proficiency in:
- - Vulnerability assessment tools (e.g., VULNERATOR, Nessus, SCCM)
- - USCYBERCOM CTO Compliance Program
- - Wireless vulnerability assessment
- - Web services (IIS, Apache, Proxy)
- - Databases (SQL Server, Oracle)
- - Email services (Exchange)
- - Vulnerability scans (NESSUS, SCCM)
- - Phishing exercises
- - Container image scans
- - USB security detection
- - Physical security considerations
- Familiarity with the AUTOCHECKLIST Tool (for audit checklists and evidence collection)
Benefits
- Potential for Telework: offsite work granted in advance in writing by the COR
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Security Architect designing and implementing cybersecurity architectures for UK Defence projects. Collaborating with stakeholders to safeguard client data against cyber threats.
System Security Specialist analyzing risks and security controls for state agencies. Conducting assessments, providing advisory support, and strengthening cybersecurity posture.
Security Data Specialist supporting a large - scale cybersecurity assessment program for State government agencies. Transforming assessment data into actionable insights and enabling data - driven decision - making across stakeholders.
Trainee in Health & Safety supporting environmental and health safety processes at Hikma Pharmaceuticals. Collaborating on waste management and legal documentation while developing practical EHS skills.
Senior Security Engineer for Ro, enhancing SaaS security posture management and data loss prevention. Collaborating across teams to secure patient data and maintain compliance standards.
Senior Mainframe Security Engineer at Capital One, focusing on Identity Access Management using IBM z/OS and CICS Security. Collaborate on automation and security solutions in a fast - paced environment.
BO
Cybersecurity Senior Manager leading CUI compliance operations at Boeing across multiple locations in the U.S. Responsible for team management and cybersecurity strategies in compliance with regulations.
Experienced Product Security Engineer working on Government Vehicle Health Management Systems at Boeing. Responsible for developing product security and ensuring cybersecurity compliance across multiple platforms.
Senior Offensive Security Consultant at IBLISS specializing in vulnerability assessments and penetration testing in AI/ML systems. Engaging in Red Team exercises and providing technical leadership.