Previous Job
Security Operations Analyst/Engineer
Ref No.: 19-00156
Location: Reston, Virginia
AboutWeb, an award-winning IT solutions and staffing company, is seeking a Security Operations Analyst/Engineer for our end client in Reston, VA.

The ideal candidate will have 5+ years of experience; knowledge of the NIST CyberSecurity Framework; and KnowBe4 Security Awareness Training Platform (or equivalent).

This role will have corporate responsibilities that encompass Security Operations Analyst and Engineer skill sets to help secure Ventera's cloud computing, data center, and on-premise environments. 

The successful candidate will help set up, operate, and manage/maintain a variety of security solutions including vulnerability management, endpoint security, security information and event management, governance/risk/compliance, and security awareness training tools. 

The candidate will also help develop and maintain security policy and procedures, perform incident response and business continuity testing, work with the NIST Cybersecurity Framework, and assist with security audits as needed.  At various times, production security operations tasks such as analysis of security issues and responding to security incidents will be required. 

The successful candidate should be a team player with a dynamic personality that can work effectively with end users and management for resolution of security incidents.  They should be open to sharing their knowledge with the Ventera team and help advance a culture of security at Ventera. 

Required Skills:
  • 5+ years of Security Operations Analyst or Engineer experience with the following skills:
  • Tenable Security Center and Nessus (or equivalent)
  • KnowBe4 Security Awareness Training Platform (or equivalent)
  • Security Information and Event Management solutions
  • Endpoint Security solutions
  • Amazon Web Services (AWS) and/or Microsoft Azure Cloud Computing Services
  • Working knowledge of the NIST CyberSecurity Framework
  • Development and maintenance of security program documentation (security policies, procedures, standards, etc.)
  • Business Continuity and Disaster Recovery Planning and Testing
  • Analysis of security audit findings, control implementations, and resultant security documentation updates
  • Security Incident Response
  • Working knowledge of NIST SP800-61 Rev.2 Security Incident Handling Guide
  • Experience working successfully with executive management and end users
  • Ability to work autonomously and consistently deliver within deadlines
  • Experience with creating and maintaining detailed documentation
  • Excellent oral and written communication skills
  • Excellent multitasking skills