Job Overview:

Site2 is a managed IT and cybersecurity services provider that helps organizations develop and enhance their cybersecurity programs based on established industry frameworks including the National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF), NIST Special Procedure (SP) 800-171, the Center for Internet Security (CIS) Critical Security Controls (CSC) 20/18 and the Health Information Portability and Accountability Act (HIPAA) / HITECH.

Site2 has an full-time job opening for a experienced Cybersecurity Analyst to join our team. The qualified candidate is expected to perform cybersecurity assessments, document policies and procedures, respond to Tier 2 SOC support, and provide clients with cybersecurity consultation related to the NIST frameworks. They must be able to work independently while also supporting internal and client facing projects.

Key responsibilities including but not limited to:

• Provide a leading role in the development, maintenance and on-going delivery of Managed Cybersecurity Services for our clients.
• Perform threat analysis work for Site2’s systems, and those of its managed security services clients.
• Lead the organization’s vulnerability management service using the Tenable suite of products including Tenable.io, Tenable WAS and Nessus Pro.
• Support the Manager of Cybersecurity Services with defining a cybersecurity services strategy for Site2 and for its managed security services clients.
• Support security assessments, penetration tests, and adversary emulations by helping with the testing of cybersecurity controls, identifying security vulnerabilities and documenting recommended remediation strategies.
• Assist with the development of cybersecurity policies and procedures in line with NIST standards.
• Support security assessments through the process of Passive information gathering including via social media and open-source tools such as Shodan, Recon-ng, HaveIBeenPwned, and other open-source tools.
• Support security assessments through the process of Active information gathering including networks scans with NMAP, Nessus Pro and open-source tools.
• Develop cybersecurity policies, procedures and controls that meet existing and newly developed regulatory requirements including NIST CSF, NIST 800-171, HIPAA/HITECH, and/or FFIEC guidance.
• Support cybersecurity awareness training including facilitating social engineering testing.
• Help ensure that Site2 is prepared to pass a CMMC certification audit.

Skills/Requirements:

• Bachelor’s degree in information sciences, Computer Science, Cybersecurity or related field required.
• Solid understanding of Microsoft Windows Operating Systems, Active Directory domains, networking, DNS and relational databases required.
• Self-motivated, self-starter who takes the initiative of identifying threats, gaps, and alert response.
• Familiarity with IT Security frameworks and IT Risk Assessments, NIST 800-171/CMMC preferred.
• Experience developing System Security Plans (SSP), Plans of Actions and Milestones (POAM) and cybersecurity policies and procedures, NIST experience preferred.
• Familiarity with the Tenable suite of assessment tools including Tenable.io and Nessus Pro.
• Familiarity with Kali Linux preferred.
• Excellent communication skills especially technical writing.
• 3 to 5 years Information Technology or Cybersecurity experience with a proven ability to engage with Senior Management, C Level clients, and industry regulators and auditors.
• If not already obtained, analyst will be required to earn the CMMC Registered Practitioner Advanced (RPA) certification within 90-days of employment.

Working Conditions

• Hybrid work (primarily work from home).
• Salaried compensation paid semi-monthly, eligible for annual performance-based bonuses and cost of living increases.
• 10 Paid National holidays each calendar year.
• Personal Time-Off (PTO) days commensurate with tenure.
• Healthcare Benefits available after 90 days of employment.
• Simple IRA participation is available based on eligibility requirements.
• Site2 maintains a drug-free workplace and performs pre-employment substance abuse testing and background checks.
• We are proud to be an equal employment opportunity (EEO) employer.

Job Type: Full-time

Pay: $65,000.00 - $80,000.00 per year

Benefits:

• 401(k) matching
• Dental insurance
• Health insurance
• Parental leave
• Retirement plan

Compensation package:

• Bonus opportunities
• Yearly bonus
• Yearly pay

Experience level:

• 3 years

Schedule:

• Weekends as needed

Experience:

• Linux: 3 years (Preferred)
• Cybersecurity: 3 years (Required)
• Information security: 3 years (Required)
• NIST standards: 3 years (Preferred)

Ability to Commute:

• Clarks Summit, PA 18411 (Preferred)

Willingness to travel:

• 25% (Preferred)

Work Location: Hybrid remote in Clarks Summit, PA 18411