via Indeed
$97K - 117K a year
Monitor security events, support incident response, conduct risk assessments, manage vulnerabilities, assist security engineering, and maintain documentation for federal cybersecurity operations.
2-5+ years cybersecurity experience, familiarity with federal security frameworks, hands-on use of SIEM and vulnerability tools, cloud security knowledge, scripting skills, and preferably security certifications.
Cybersecurity Analyst – Job Description

Position Overview
The Cybersecurity Analyst will support federal cybersecurity operations, continuous monitoring, risk assessments, and compliance activities. This role requires strong familiarity with federal security frameworks, vulnerability management, incident response, and security tooling across cloud and on-prem environments.

Key Responsibilities

Security Monitoring & Incident Response
• Monitor SIEM tools (Splunk, Sentinel, QRadar, Elastic) for suspicious activity.
• Investigate security events, alerts, and logs.
• Support incident response workflows: triage, containment, eradication, recovery.
• Maintain incident documentation and after-action reporting.

Risk Management & Compliance
• Support RMF steps 1–6 and associated documentation (SSP, SAR, POA&M, etc.).
• Conduct risk assessments and security controls evaluations.
• Assist with FedRAMP and FISMA compliance activities.
• Support ATO packages, continuous monitoring, and audit requests.

Vulnerability Management
• Run vulnerability scans with Tenable, Qualys, Rapid7, or AWS/Azure scanners.
• Analyze findings and work with engineers to remediate vulnerabilities.
• Develop vulnerability trending reports and dashboards.

Security Engineering Support
• Assist with configuration reviews of firewalls, IAM, endpoint tools, and network security controls.
• Support zero-trust initiatives and identity management improvements.
• Help implement security automation scripts (Python, Bash, PowerShell).

Documentation & Reporting
• Maintain security policies, SOPs, and process documentation.
• Prepare reporting for government leadership and program managers.
• Contribute to security briefings and audits.

Required Qualifications
• 2–5+ years of hands-on cybersecurity experience.
• Familiarity with NIST 800-53, RMF, FISMA, and/or FedRAMP.
• Experience with SIEM tools (Splunk, Sentinel, QRadar, Elastic).
• Hands-on vulnerability scanning and remediation workflow experience.
• Understanding of cloud security concepts (AWS, Azure, or GCP).
• Experience analyzing logs from endpoints, servers, cloud platforms, and network devices.
• Strong understanding of IAM, MFA, encryption, and least privilege principles.
• Ability to write clear, concise technical documentation and reports.

Preferred Qualifications
• Certifications:
  • Security+ (highly preferred)
  • CySA+
  • CEH
  • SSCP
  • CISSP (nice-to-have)
• Experience supporting federal agencies or DoD environments.
• Hands-on experience with:
  • Cloud security tools (GuardDuty, Security Hub, Defender, Sentinel)
  • EDR tools (CrowdStrike, Carbon Black, SentinelOne)
• Experience with STIGs, SCAP, or compliance automation tools.
• Scripting experience (Python, Bash, PowerShell).

Soft Skills
• Strong analytical and investigative mindset.
• Ability to simplify technical concepts for non-technical stakeholders.
• Detail-oriented with strong documentation discipline.
• Effective communicator, both verbally and in writing.
• Ability to work independently in multi-vendor federal environments.

Clearance
• Active Public Trust or Secret preferred.
• Ability to obtain clearance if required.

Job Type: Contract
Pay: $97,318.05 - $117,200.23 per year

Education:
• Bachelor's (Required)

Security clearance:
• Secret (Preferred)

Work Location: Remote
This job posting was last updated on 12/10/2025