Simplify Logo

Full-Time

Cybersecurity Analyst

Posted on 7/22/2024

Spry Methods

Spry Methods

51-200 employees

Provides IT and cybersecurity solutions

Cybersecurity
Government & Public Sector
Enterprise Software

Mid, Senior

Remote in USA

This position is remote work with the potential for travel.

US Top Secret Clearance Required

Category
Cybersecurity
IT & Security
Requirements
  • Public Trust
  • Demonstrated experience using cybersecurity tools such as: Tenable, Qualys, Governance Risk Compliance (GRC) tools (e.g. Xacta, Risk Vision, CSAM, etc.,).
  • 3-5 years direct experience supporting federal organizations Cybersecurity programs.
  • 5+ years direct experience conducting security assessments.
  • Experience drafting FISMA related artifacts to include: system security plans, incident response plans, configuration management plan, FIPS 199, digital identity risk assessments, security impact analysis, contingency plan, security assessment plans and reports, Plan of Action and Milestones (POA&M), and training materials.
  • Experience in applying NIST Special Publications to information systems.
  • Experience with performing information system continuous monitoring of security controls to ensure that they continue to be implemented correctly, operating as intended and producing the desired outcome with respect for meeting the security requirements.
  • Experience participating in security assessments and/or audits.
Responsibilities
  • Develop functional and technical requirements; serve as a POC for Information Systems with security issues;
  • Prepare and update reports to ensure that the unit complies with mandated internal and external security reporting requirements, including Federal Information Security Modernization Act (FISMA) and Capital Planning;
  • Coordinate security program and system elements with the agency IT Program Managers by evaluating system environments for security requirements and controls including: IT Security Architecture, hardware, software, telecommunications, security trends, and associated threats and vulnerabilities;
  • Manage security controls to ensure confidentiality, integrity and availability of information;
  • Build security into the system development process and define security specifications to Support the acquisition of new systems;
  • Support System Owners or Program Officers on the review of system procurement requests to ensure that security has been considered and included;
  • Adhere to and implement system security controls that ensure the protection of Sensitive but Unclassified (SBU) information using authentication techniques, encryption, firewalls, and access controls;
  • Complete Security Assessments;
  • Assist in the Assessment and Authorization process;
  • Create and/or update the System Security Plans;
  • Serve as an advisor in risk assessments of all systems and mitigate vulnerabilities;
  • Adhere to Continuous Monitoring practices to ensure that security controls are maintained over the life of IT systems
  • Assist the System Owner in the development, testing and maintenance of contingency plans, backup and storage procedures;
  • Document all procedures according to the organizations standards;
  • Audit and monitor application, system and security logs for security threats, vulnerabilities and suspicious activities; report suspicious activities to the agency Incident coordinator;
  • Monitor and coordinate patch management and scanning techniques for all unit systems; participate in identification and mitigation of all system vulnerabilities;
  • Support and facilitate the security awareness, training, and education program; and
  • Assist the Information System Security Manager (ISSM), or CISO in any other security related duties, as required.

Spry Methods delivers IT and cybersecurity solutions primarily to enterprise and government sectors. Their services include cybersecurity management, intelligence operations, data assurance, IT infrastructure support, software development, and program management. These services work by implementing streamlined security processes and integrated IT operations to protect clients' assets and improve efficiency. Unlike many competitors, Spry Methods emphasizes high-quality service delivery, certified by ISO 9001:2015 and CMMI Level 3, and has secured notable contracts like the CIO SP3 Small Business Contract. The company's goal is to transform clients' operations in the digital world, making them more secure and efficient, while continuously recruiting top talent to maintain their competitive edge.

Company Stage

N/A

Total Funding

N/A

Headquarters

McLean, Virginia

Founded

2001

Growth & Insights
Headcount

6 month growth

9%

1 year growth

9%

2 year growth

9%
Simplify Jobs

Simplify's Take

What believers are saying

  • Spry Methods' focus on recruiting top talent ensures a dynamic and innovative work environment.
  • The company's diverse service offerings, from cybersecurity management to software development, provide employees with opportunities to work on a variety of projects.
  • Their strong foothold in government contracts offers stability and long-term growth potential.

What critics are saying

  • The highly competitive nature of the IT and cybersecurity sectors means Spry Methods must continuously innovate to stay ahead.
  • Dependence on government contracts can be risky due to potential changes in government spending and policy.

What makes Spry Methods unique

  • Spry Methods specializes in both enterprise and government sectors, offering a unique blend of cybersecurity and IT solutions tailored to mission-critical needs.
  • Their certifications, including ISO 9001:2015 and CMMI Level 3, ensure high-quality and reliable service delivery, setting them apart from less rigorously certified competitors.
  • The award of the CIO SP3 Small Business Contract highlights their capability to deliver high-quality solutions to government clients, a niche market with high entry barriers.
INACTIVE