Principal Cybersecurity Analyst - Principal Cybersecurity Incident Response Lead - IT Division
Federal Reserve Board
Job Description
Position Overview
Directs the instrumentation and administration of cybersecurity tools, appliances, and measures to protect the Board’s IT assets and ensure the Board’s ability to conduct its mission. Utilizes cybersecurity tools such as firewalls, proxies, intrusion detection, intrusion prevention, endpoint protection, and data analysis platforms as part of an integrated defense‑in‑depth solution with a central security information and event management (SIEM) system and security orchestration tools.
Duties and Responsibilities
Implement and oversee cybersecurity tools and solutions, including firewalls, proxies, intrusion detection/prevention, endpoint protection, data analysis platforms, SIEM, and orchestration tools.
Develop technical and analytical assessments to support information security engineering decisions. Oversee characterization and management of complex risks to mitigate cyber threats. Analyze threat intelligence from diverse sources, conduct threat hunt operations, and investigate Board IT assets for intrusion evidence.
Emulate threat actor tactics, techniques, and procedures in controlled environments to demonstrate and observe technical aspects, and develop detection strategies and mitigations. Apply statistical models and analytical tradecraft to network‑generated data to identify anomalous activities and discover intrusions. Analyze system logs, capture forensic images, perform root‑cause analysis, and develop incident timelines.
Lead incident response process: identification, containment, eradication, and remediation. Implement vulnerability scans, patch management, and vulnerability analysis to protect systems. Develop data‑analytic software and cybersecurity scripts, automate processes, and integrate tools for advanced analysis.
Lead innovative cybersecurity projects; document plans, schedules, requirements, risks, and resource utilization.
Minimum Qualifications
Bachelor’s degree in computer science, information technology, cybersecurity, or a related field. Eight years of experience.
Expert knowledge in at least one of: cybersecurity fundamentals, cyber threat analysis, data science principles, digital forensics, incident handling, incident response, vulnerability management, security engineering, automation and programming, project management, and relevant technologies and programming languages. Ability to work effectively with staff and familiar with relevant policies and procedures. Experience with national security clearance, including TOP SECRET / SENSITIVE COMPARTMENTED INFORMATION.
Experience directing threat assessments, recommending cybersecurity technologies, assessing vulnerabilities, identifying automation opportunities, investigating and resolving security breaches, technical writing, and communication.
Highly Desired Skills
Expert knowledge in cybersecurity operations, cyber threat analysis, intrusion detection & prevention, digital forensics, incident handling, incident management, incident response, vulnerability management, security engineering, and/or automation. Ability to provide threat assessments, recommend cybersecurity technologies, assess vulnerabilities, identify automation opportunities, and investigate and resolve security breaches.
Experience using cybersecurity tools such as firewalls, proxies, intrusion detection, intrusion prevention, endpoint protection, data analysis platforms, SIEM, and/or security orchestration tools. Experience with incident response tools and processes including host forensics, network forensics, log analysis, timeline development, memory acquisition and analysis, image acquisition, etc. Experience analyzing threat intelligence from diverse sources to inform threat hunt operations and investigate Board IT assets for evidence of intrusion or compromise.
Familiarity with relevant policies, procedures, and ability to work with TOP SECRET / SENSITIVE COMPARTMENTED INFORMATION. Resourcefulness and advanced critical thinking skills to independently direct, analyze, and implement solutions for complex problems. Expert technical writing and communication skills; ability to coordinate with division leadership and staff at all levels.
Ability to construct clear and concise written work and apply advanced understanding of grammar, sentence structure, and audience for editing. Ability to explain complex issues to cross‑team or cross‑divisional partners. Negotiation and persuasion skills to influence support for change.
Location and Employment Status
Onsite presence in Washington, D.C. (DC‑Washington). Regular employment status, exempt from overtime, standard job type. Relocation provided.
Salary
The expected salary range for this role is $144,500 – $275,400. Final offers are determined by experience and education.
Security Clearance
This position requires a TOP SECRET / SENSITIVE COMPARTMENTED INFORMATION security clearance.
Application Requirement
Applicants are required to provide a writing sample of original work.