Cyber Security Analyst

Trilogy Federal·Remote(Arlington, VA)
Cybersecurity

WFA Digital Insight

As the demand for cybersecurity specialists continues to surge, with a 25% increase in job postings in the last year alone, Trilogy Federal is at the forefront of this trend. With the rise of remote work, companies are looking for experts who can safeguard their digital assets from anywhere. In this role, you'll be working with a leading provider of innovative solutions, leveraging your skills in vulnerability management, risk assessment, and compliance to protect sensitive information. Before applying, consider the evolving landscape of cybersecurity and how your expertise can help shape the future of this field.

Job Description

About the Role

The Cyber Security Analyst position at Trilogy Federal is a critical component of the company's commitment to delivering secure and innovative solutions. As a key member of the team, you will be responsible for implementing and maintaining the security posture of VA enterprise systems and data, ensuring robust compliance with federal and VA security requirements. This role operates within an agile, DevSecOps-focused environment, requiring proactive risk identification and collaboration with cross-functional teams to ensure the security and integrity of the VA's technical ecosystem.

The success of this role is paramount as it directly impacts the security and efficiency of the VA's operations. Working closely with technical and program stakeholders, you will maintain and improve security controls and documentation, elevate incident response, and support the ongoing Authorization to Operate (ATO) for supported systems and applications.

Trilogy Federal's collaborative, client-first service approach has earned the company an unparalleled reputation for delivering transformative results. By joining this team, you will be part of a culture that values innovation, teamwork, and the rapid implementation of pragmatic solutions.

What You Will Do

  • Perform ongoing vulnerability scanning, penetration testing, code review, and remediation in line with NIST SP 800-53 and related standards.
  • Develop, document, review, and maintain Assessment & Authorization (A&A) artifacts, including security plans, risk assessments, and Plan of Action and Milestones (POA&M), supporting ATO submissions and renewals.
  • Respond to, analyze, and report on security events and incidents, including notification to stakeholders within strict timeframes.
  • Remediate security vulnerabilities within specified periods according to severity.
  • Ensure compliance with Federal, VA, FISMA, NIST, HIPAA, Privacy Act, and organizational security and privacy directives.
  • Complete mandatory and additional annual privacy and security training as required.
  • Coordinate with VA technical staff, ISSOs, and integration teams to ensure proper migration, deployment, and operational support for new or updated systems.
  • Provide support for the implementation of security controls on operating systems, application code, network infrastructure, and endpoints.
  • Participate in audits and assessments, and provide evidence of compliance as requested.
  • Monitor, track, and report on key security KPIs including vulnerability remediation timeframes, incident resolution metrics, and system security posture.
  • Proactively apply OS and application patches; validate and report the effect of third-party patches.

What We Are Looking For

  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related discipline; equivalent practical experience may be considered.
  • Minimum of 10 years of progressive experience in cyber security operations, risk assessment, vulnerability management, or information security compliance.
  • Demonstrated knowledge of and experience with relevant federal cybersecurity standards.
  • Experience conducting and reporting on vulnerability assessments, penetration testing, and security control testing.
  • Familiarity with security tools including but not limited to Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tools.
  • Strong understanding of security frameworks such as NIST Cybersecurity Framework and ISO 27001.

Nice to Have

  • Certification in CompTIA Security+, CISSP, or CEH.
  • Experience with cloud security platforms such as AWS or Azure.
  • Knowledge of agile methodologies and DevOps practices.

Benefits and Perks

  • Competitive salary and benefits package.
  • Opportunity to work with a leading provider of innovative solutions.
  • Collaborative and dynamic work environment.
  • Professional development and growth opportunities.
  • Flexible remote work arrangements.
  • Access to cutting-edge security tools and technologies.
  • Recognition and reward for outstanding performance.

How to Stand Out

  • Ensure your resume and cover letter are tailored to highlight your experience with federal cybersecurity standards and compliance frameworks.
  • Be prepared to provide specific examples of your experience with vulnerability assessments, penetration testing, and security control testing during the interview process.
  • Developing a strong understanding of the NIST Cybersecurity Framework and ISO 27001 will be beneficial for this role.
  • Familiarize yourself with the company's products and services to demonstrate your interest and enthusiasm for the position.
  • Consider obtaining certifications such as CompTIA Security+ or CISSP to enhance your qualifications.
  • Prepare questions to ask the interviewer about the company culture, team dynamics, and opportunities for growth and development.

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere. Browse more remote jobs across all categories.