Cybersecurity Vulnerability Analyst

Introduction

A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe.

You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat.

Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.

Your Role and Responsibilities

Position Location: Radford, VA OR Ft. Belvoir, VA- 5 days onsite

The Cybersecurity Analyst will play a key role in ensuring systems meet compliance and security standards. This role involves conducting in-depth analysis of vulnerability scan data, security configuration compliance reports and system design documentation to assess and report on overall system compliance.

• Analyze Assured Compliance Assessment Solution (ACAS) and Security Technical Implementation Guidelines (STIG) scan results to ensure compliance with security policies and guidelines.

• Prepare detailed reports of scan results, including findings, impacts, and recommended remediation actions for customers and internal stakeholders.

• Maintain accurate and up-to-date records of vulnerabilities and their remediation status.

• Work directly with other teams and customers to discuss scan results and develop effective remediation plans.

• Provide clear and concise communication regarding security findings and their potential impact on systems.

• Collaborate with internal IT and security teams a well as customers to implement remediation plans.

• Track and verify the completion of remediation actions to ensure vulnerabilities are addressed.

• Stay current with the latest cybersecurity threats, vulnerabilities, and best practices.

• Contribute to the development and enhancement of scanning and reporting processes.

Required Technical and Professional Expertise

Security Clearance: DOD Secret (ability to obtain and maintain)

Required Certifications:

Security+ or equivalent DoD 8570.01-M IA Tech Level II certification.

Citizenship: US

• Proficiency with ACAS, AESS, and STIG tools and methodologies.

• Strong understanding of vulnerability assessment, risk management, and security compliance.

• Familiarity with networking protocols, operating systems, and security frameworks.

• Ability to interpret scan results and identify key security issues.

• Strong problem-solving skills to develop effective remediation strategies.

• Excellent verbal and written communication skills.

• Ability to effectively communicate technical information to both technical and non-technical stakeholders.

• Strong interpersonal skills to interface with customers and coordinate remediation efforts.

• Attention to detail and ability to maintain accurate documentation.

• Effective time management and prioritization skills.

Preferred Technical and Professional Expertise

n/a