Junior Cybersecurity Program Analyst - Maximus
Rochester, NY 14602
About the Job
Maximus is seeking a skilled and motivated Junior Cybersecurity Program Analyst to join our organization. The Junior Cybersecurity Analyst will be an integral part of the cybersecurity team at Maximus Federal, supporting business development, DevSecOps, vulnerability management, and incident response activities. The candidate will be responsible for supporting the development, implementation, and maintenance of our cybersecurity program. This role will analyze and assess cybersecurity risks; develop and implement security policies and procedures and ensure compliance with relevant regulations and standards. The ideal candidate should have a strong foundation in cybersecurity principles, a willingness to learn, and a passion for ensuring the security and integrity of information systems.
- Collaborate with the business development team to assess the cybersecurity requirements and risks associated with new projects, proposals, and contracts.
- Assist in the development of cybersecurity solutions and strategies to address Federal client needs and align with industry best practices and regulatory requirements.
- Support Development Security Operations (DevSecOps) engagements. Collaborate with customer development and operations teams to integrate security practices into the software development lifecycle.
- Assist in implementing and maintaining security controls, automation, and monitoring tools to ensure secure and efficient software delivery.
- Support vulnerability assessments and penetration tests to identify weaknesses and vulnerabilities in information systems and infrastructure.
- Assist in researching the remediation and mitigation of identified vulnerabilities, working closely with system administrators and stakeholders to ensure timely resolution.
- Stay current with the latest cybersecurity trends, threats, and industry best practices through continuous learning and professional development.
- Participate in training programs, webinars, conferences, and workshops to enhance knowledge and skills in cybersecurity.
Project Minimum Qualifications:
- Bachelor's degree in relevant field of study.
- At least 2 years of relevant IT work experience.
- At least 1 year of work experience with vulnerability management processes.
- Hands on experience with Nucleus Security, Nexpose rapid7, and Qualys.
- Strong understanding of cybersecurity principles, best practices, and industry standards.
- Familiarity with DevSecOps methodologies and tools such as Invicti Enterprise.
- Experience with Python development.
- Experience participating in business development - reviewing requirements in RFI, RFQ.
- Basic understanding of networking protocols and technologies.
- Excellent problem-solving and analytical skills.
- Strong communication and collaboration abilities.
Additional requirements as per Contract/Client:
- Candidates must meet requirements to obtain and maintain an IRS Minimum Background Investigation (MBI) clearance (active IRS Moderate Risk MBI is a plus).
- Candidates must be a US Citizen or a Legal Permanent Resident (Green Card status) for at least three (3) years, and Federal Tax compliant.
Essential Duties and Responsibilities:
- Assist with providing detection, identification and initial triage of possible security events, anomalous activities and misuse activities
- Assist with performing security event correlation using information gathered from a variety of sources within the organization
- Participate in the management of security operations tools, installation, configuration, troubleshooting and maintenance of these tools
- Track and document security incidents within the case management tool
- Other duties as assigned by leadership.
Minimum Requirements
Minimum Requirements:
- Bachelor's degree in relevant field of study and 0-3 years of relevant professional experience required, or equivalent combination of education and experience.
Understanding of core IT concepts: Operating Systems (Windows, Linux/Unix, MacOS), Active Directory, Networking, Virtualization, Databases, SaaS/IaaS/PaaS
- Understanding of core security concepts: Anti-Virus/Anti-Malware, Intrusion Detection, Incident Response, Data Loss Prevention, SIEM, Firewalls, VPN, IAM
- Proficient with Windows, Linux/Unix, MacOS
- Demonstrated personal integrity, the ability to professionally handle confidential matters and exhibit the appropriate level of judgment and decision making
- Demonstrated written and oral communication skills with the ability to effectively communicate with information technology professionals as well as senior management and auditors, assessors, and consultants
- Strong problem solving skills
- Demonstrated initiative, dependability, and ability to work with little supervision
EEO Statement
Active military service members, their spouses, and veteran candidates often embody the core competencies Maximus deems essential, and bring a resiliency and dependability that greatly enhances our workforce. We recognize your unique skills and experiences, and want to provide you with a career path that allows you to continue making a difference for our country. We're proud of our connections to organizations dedicated to serving veterans and their families. If you are transitioning from military to civilian life, have prior service, are a retired veteran or a member of the National Guard or Reserves, or a spouse of an active military service member, we have challenging and rewarding career opportunities available for you. A committed and diverse workforce is our most important resource. Maximus is an Affirmative Action/Equal Opportunity Employer. Maximus provides equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disabled status.
Pay Transparency
Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances.