Senior Cybersecurity Analyst
STR, Woburn, MA, United States
STR is hiring a Senior Cybersecurity Analyst to aid the Enterprise Cybersecurity Team. The cybersecurity analyst will provide day-to-day cybersecurity operations support.
Responsibilities
Interfaces and communicates with internal/external stakeholders regularly to identify and review software for use in a CMMC Level 2 environment and eventually CMMC level 3 environment
Provides consulting relative to cybersecurity strategy, metrics, and compliance
Supports the development of CMMC cybersecurity assessment related instruction
Gather evidence in support of audits
Provides subject matter expertise on matters including governance and oversight, standards and processes, tools and technology
Support the development, implementation, and management of security policies/procedures to ensure they remain aligned with business objectives/meet regulatory requirements
Correlate threat information from various sources, including security incidents raised by the user community such as phishing attempts, malware outbreaks, unauthorized access attempts, as well as security alerting sources
Maintain current knowledge of DoD security and technical guidelines and the organization's policies
After-hours support is required for incident handling, maintenance and patching when needed
Collaborate with cross-functional teams to drive security improvements and ensure project objectives are met within scope, time, and budget constraints
Requirements
Experience in MIcrosoft Defender and Sentinel, analyzing events and recommended actions
Experience with Corelight Investigator is highly preferred
Strong technical background with a variety of information security systems and tools including firewalls, intrusion detection systems, intrusion prevention systems, vulnerability management, intrusion detection and prevention, cloud access security broker, anti‑virus/malware, data loss prevention
Experience designing and implementing controls within corporate networks to include computer and network security and operating systems such as UNIX, Linux, MAC, and WINDOWS, as well as LAN/WAN internetworking protocols such as TCP/IP and network perimeter protection
Excellent analytical skills in order to identify security risks and appropriate measures needed to help mitigate those risks. Must be comfortable conducting independent research into issues and inquiries to provide guidance when requested
Qualifications
Bachelor’s degree in Cybersecurity, Information Technology, or a related field (or equivalent experience)
5+ years of experience in cybersecurity, with a focus on architecture, strategy, or special projects
Strong understanding of security frameworks (e.g., NIST, ISO 27001) and risk management methodologies
Hands‑on experience with security tools, vulnerability management, and incident response processes
Experience with security architecture design, including cloud security platforms (AWS/Azure)
Excellent written and verbal communication skills with the ability to present complex information to both technical and non‑technical stakeholders
Preferred Certifications: CISSP, CISM, OSCP, or equivalent industry‑recognized certifications; GIAC certifications (GCIH, GCFA, GCIA) and cloud security credentials (CCSP, AWS Security Specialty) a plus
Pay Information Full‑Time Salary Range: $140,000‑155,000
STR is an equal opportunity employer. We are fully dedicated to hiring the most qualified candidate regardless of race, color, religion, sex (including gender identity, sexual orientation and pregnancy), marital status, national origin, age, veteran status, disability, genetic information or any other characteristic protected by federal, state or local laws.
If you need a reasonable accommodation for any portion of the employment process, email us at appassist@str.us and provide your contact info.
Pursuant to applicable federal law and regulations, positions at STR require employees to obtain national security clearances and satisfy the requirements for compliance with export control and other applicable laws.
#J-18808-Ljbffr
Responsibilities
Interfaces and communicates with internal/external stakeholders regularly to identify and review software for use in a CMMC Level 2 environment and eventually CMMC level 3 environment
Provides consulting relative to cybersecurity strategy, metrics, and compliance
Supports the development of CMMC cybersecurity assessment related instruction
Gather evidence in support of audits
Provides subject matter expertise on matters including governance and oversight, standards and processes, tools and technology
Support the development, implementation, and management of security policies/procedures to ensure they remain aligned with business objectives/meet regulatory requirements
Correlate threat information from various sources, including security incidents raised by the user community such as phishing attempts, malware outbreaks, unauthorized access attempts, as well as security alerting sources
Maintain current knowledge of DoD security and technical guidelines and the organization's policies
After-hours support is required for incident handling, maintenance and patching when needed
Collaborate with cross-functional teams to drive security improvements and ensure project objectives are met within scope, time, and budget constraints
Requirements
Experience in MIcrosoft Defender and Sentinel, analyzing events and recommended actions
Experience with Corelight Investigator is highly preferred
Strong technical background with a variety of information security systems and tools including firewalls, intrusion detection systems, intrusion prevention systems, vulnerability management, intrusion detection and prevention, cloud access security broker, anti‑virus/malware, data loss prevention
Experience designing and implementing controls within corporate networks to include computer and network security and operating systems such as UNIX, Linux, MAC, and WINDOWS, as well as LAN/WAN internetworking protocols such as TCP/IP and network perimeter protection
Excellent analytical skills in order to identify security risks and appropriate measures needed to help mitigate those risks. Must be comfortable conducting independent research into issues and inquiries to provide guidance when requested
Qualifications
Bachelor’s degree in Cybersecurity, Information Technology, or a related field (or equivalent experience)
5+ years of experience in cybersecurity, with a focus on architecture, strategy, or special projects
Strong understanding of security frameworks (e.g., NIST, ISO 27001) and risk management methodologies
Hands‑on experience with security tools, vulnerability management, and incident response processes
Experience with security architecture design, including cloud security platforms (AWS/Azure)
Excellent written and verbal communication skills with the ability to present complex information to both technical and non‑technical stakeholders
Preferred Certifications: CISSP, CISM, OSCP, or equivalent industry‑recognized certifications; GIAC certifications (GCIH, GCFA, GCIA) and cloud security credentials (CCSP, AWS Security Specialty) a plus
Pay Information Full‑Time Salary Range: $140,000‑155,000
STR is an equal opportunity employer. We are fully dedicated to hiring the most qualified candidate regardless of race, color, religion, sex (including gender identity, sexual orientation and pregnancy), marital status, national origin, age, veteran status, disability, genetic information or any other characteristic protected by federal, state or local laws.
If you need a reasonable accommodation for any portion of the employment process, email us at appassist@str.us and provide your contact info.
Pursuant to applicable federal law and regulations, positions at STR require employees to obtain national security clearances and satisfy the requirements for compliance with export control and other applicable laws.
#J-18808-Ljbffr