High Quality
The best examples from thousands of real-world resumes
Expert Approved
Handpicked by resume experts based on rigorous standards
Diverse Examples
Tailored for various backgrounds and experience levels
How to Format a Cyber Security Analyst Resume
How you format your cybersecurity analyst resume will depend on your experience and years of employment. Most job seekers, like candidate A, can use a hybrid or chronological resume. These two formats feature detailed work history sections that summarize their jobs, former employers, dates of employment and related work history.
Candidate B, however, has a three-year gap between now and their last job. A functional format will highlight their technical security knowledge and play up their nine years of experience rather than this recent pause in their employment.
1. Candidate A - Chronological Resume
Candidate Info
- 12 years in workforce
- 4 years at this job
- BS Cybersecurity
Work Experience
Cybersecurity Analyst, Flexmart
July 2019 - present, Atlanta, GA
- Researches and assesses external intelligence sources and recommends improving and augmenting intelligence-gathering efforts.
- Researches and prepares incident reports upon discovery of security vulnerabilities in new and live code during the QA process.
- Reviews and analyzes data reports and manuals for five development engineering teams of 20+ people.
2. Candidate B - Functional Resume
Candidate Info
- 9 years in workforce
- 0 months in current job
- BS Cybersecurity
- Knowledge and experience of DOE/NNSA and DoD cybersecurity orders and policies.
- Legal knowledge of relevant federal and private standards and requirements, including NIST, ISO, CNSS, STIGS.
- Active DOE Q security clearance.
- Familiarity with security best practices, standards and guides in federal defense
- Experience in digital systems design and the field of hardware and embedded security
Professional Skills
Legal Knowledge
Software Engineering
Cyber Security Analyst Resume Samples
Candidate Info
years in workforce
year at this job
Senior Cyber Security Analyst
Developed and institutionalized a strategic process to ensure accurate assessment of security baseline remains current to DOD compliancy standards.
- Identified on-board/off-board gap impacting Access Management, resolved by updating organizational procedure shortfalls.
- Formulated resolution of highly visible vulnerabilities identified during Command Cyber Readiness Inspection, resulting in exceeding milestone date expectations.
- Reduced reporting and resolution time of Host Based Security System (HBSS) deficiencies by 68%.
- Played key role as Subject Matter Expert in ensuring security baseline met Command Cyber criteria for excellent rating during security audit. Guided leadership, peers and subordinates in tactics, techniques and procedures.
- Orchestrated operational and functional enterprise readiness of ACAS vulnerability and compliance scanning suite, overcoming command wide lack of guidance, meeting DOD mandate ahead of schedule.
Candidate Info
years in workforce
years at this job
Bachelor of Science
Master of Science
System Engineer III / Cyber Security Analyst
Researched Application viability and functionality for Implementation within the Drug Enforcement Administration worldwide infrastructure.
- Acquired functional knowledge of and successfully implemented several program suites within DEA including but not limited to Microsoft Hyper-V, Double-Take High Availability, VMware ESXi / vSphere, Microsoft SharePoint, Microsoft Forefront Identity Manager and Self-service password reset.
- Produced documentation regarding best practices and implementation procedures for several key systems within DEA including Microsoft Windows 2008 R2, Microsoft Exchange 2010, and Microsoft Forefront Identity Manager.
- Organized application of major security initiative for Joint Chiefs of Staff Network.
- Executed Update Mitigation Plan for Joint Chiefs of Staff Network.
- Implemented IAVA Maintenance Policy within Joint Chiefs of Staff Network.
Candidate Info
years in workforce
years at this job
Bachelor of Business Administration
Computer Systems Management / Information Assurance
Cyber Security Analyst
Member of the SRA Security Team supporting the United States Visitor and Immigrant Status Indicator Technology (US-VISIT) Program Office.
- Managed Certification and Accreditation (C&A) activities related to accreditation of US-VISIT core mission and support systems and the development of system releases.
- Conducted system security assessments based on NIST 800-53.
- Generated security documentation, including: security assessment reports; system security plans; contingency plans; and disaster recovery plans.
- Supported security tests and evaluations (ST&Es).
- Provided security support and evaluation to development teams in order to integrate information assurance/security throughout the System Life Cycle Development of major and minor application releases.
- Created and tracked POA&Ms using TrustedAgent FISMA (TAF).
- Developed E-Authentication and FIPS-199 worksheets.
Candidate Info
year in workforce
year at this job
Network And Communication Systems
Computer Science
Cyber Security Analyst
Wrote and documented security policies for specific issues in a team
- Wrote and updated security plans to meet NIST 800.53 standards as a team
- Participated in two security audits conducted by the Department of Energy
- Performed hard drive forensics looking for information containing Unclassified
- Performed random security inspections for a site containing 1500 employees
- Wrote batch files to force check in and updates for 200 laptop computers
- Managed and conducted a site wide inventory project for 200 laptop computers
Candidate Info
year in workforce
months at this job
High School Diploma
Computer Information Systems
Cyber Security Analyst
Provided Department of State PKI technical training. Created and edited troubleshooting walkthroughs relating to PKI.
- Perform duties as a Department of State PKI Registration Authority, enrolling and recovery for End-Users, and revoking certificates.
- Planned and coordinated as the Technical Lead with customers on PKI Deployment Plans throughout the Department of State.
- Performed PKI related upgrading, installation, and troubleshooting using administrator privileges. Reviewed and resolved open remedy tickets assigned to the PKI Team.
- Performed testing for PKI related hardware and software. Handled development of scripts in correlation with PKI existing software and new software upgrades.
- Configured VMware environment. Installed and administered Windows Server 2003, which included installing Active Directory, DNS and DHCP.
- Built PKI lab Infrastructure using VMware ESXi products. Infrastructure consisted of an Entrust Certification Authority, which included Entrust Security Manager Authority, Security Manager Administration, and Entrust Web Enrollment Server.
Candidate Info
years in workforce
years at this job
Psychology
Security Management
Counseling
Cyber Security Analyst
Conducted cyber security assessments using security controls per NAP 14.1C and 14.2-C relating to cyber security and training (NIST 800 series, FISMA, and FIPS 199 and 200)
- Wrote and maintained proper documentation for project plans, security plans, self-assessments, and the ISSM
- Developed awareness campaign for the cyber security awareness program using numerous marketing tools and strategies
- Developed and completed a security logo, cyber mascot, security videos, security newsletters, and awareness emails using Adobe Master Collection (InDesign, Soundbooth, Photoshop, Illustrator, After Effects) and Final Cut Pro
- Trained Federal employees (Management and Staff), Federal Agents, and Contractors in Cyber Security topics
- Experienced in many aspects of computer security technologies such as: IDS/IPS, port and vulnerability scanners, and network detection used in performance of daily activities and to perform assessments and audits
- Supported in certification and accreditation (C&A), independent verification and validation (IV&V), conducting cyber assessments, and incident response (using hardware and software): setup and customized interfaces for analysis
Candidate Info
months in workforce
months at this job
Business Competitive Intelligence
Cyber Security Analyst
Trained and worked alongside the Cyber Security Operations Center (CSOC) team
- Assembled and produced two running cyber honey pots for data collections and analysis
- Delivered weekly intelligence briefs to Chief Information Security Officer, along with weekly industry threat reports
- Worked in both Linux and Windows environments
- Adapted and quickly learned a new position and industry to further develop analytical and technical skills.
Candidate Info
years in workforce
years at this job
Mathematics And Economics
Mathematics
Cyber Security Analyst
Contributed to a team of approximately ten Cyber Security professionals working with Intrusion Detection System (IDS) software and hardware.
- Provided high level analysis on security data to identify significant activity.
- Developed, coordinated, implemented and maintained standards and procedures to protect the security and integrity of information systems and data.
- Observed and analyzed traffic in order to learn valuable lessons from known malicious actors and to determine countermeasures against such threats.
- Provided detailed status updates on existing cyber security incidents daily to include follow up with client/customer to ensure satisfactory resolution.
- Interacted with cyber intelligence analysts conducting threat analysis operations as well as numerous IT professionals performing varying technical roles within the client organization.
- Conveyed verbal briefings to management on pending cyber incidents as well as coordinate with US-CERT and AV Vendors as necessary to convey incident information.
- Acted as alternate shift lead as necessary, mentor new associates on process and procedure, manage group mailbox, and open tickets for new incidents.
- Monitoring security patch levels of the servers, workstations and network environments, and anti-virus systems.
- Make recommendations to senior management on results of analysis and work closely with other Information Technology groups to refine and enhance security controls.
Candidate Info
years in workforce
year at this job
Cyber Security
Cyber Security Analyst
Assisted in implementing SSIM (Symantec Security Information Manager) console for the security team.
- Conducted base level analysis to determine the legitimacy of files, domains, and emails using tools such as Wireshark and a Linux Toolkit as well as online resources such as Virus Total, URLVoid, IPVoid, and Robtex.
- Monitored a worldwide network for cyber security events and anomalies using a variety of tools such as Site Protector, Net Witness, and Splunk.
- Continuously monitored, analyzed and identified security alerts information from all approved security devices, collection techniques and designated system logs.
- Read Symantec logs and make sure ISSO is aware of any anomalies and odd behavior on the network.
- Performed analysis on security incidents that is required to learn valuable lessons about attacks and implement changes proactively based on knowledge learned.
- Performed shift lead roles and responsibilities in support of MIRD/CIRT on an enterprise level.
- Utilized Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), Data Leakage Prevention (DLP).
Candidate Info
years in workforce
years at this job
Information Security
Compliance
Management
Information Assurance Engineer/ Cyber Security Analyst
Administered an ICD 503 migration of over 700 systems/projects consisting of several mission critical highly complex entities.
- Testing and implementing customized software templates for various environments and customers.
- Deploying software and tools within enterprise systems and ensuring efficiency and effectiveness of these tools by continuously monitoring and User awareness/training.
- Demonstrated Technical IA leadership in the planning and implementation of over 300 requirements/safeguards tailored specifically for each Mission purpose and risk assessment
- Successfully analyzed over 800 security Questionnaire responses and completed ICD 503 documentation within a 45 day period in compliance with NIST 800-53 rev 4
- Transferred over 200 Projects within Xacta Risk Management tools to meet stringent deadlines and constraints while ensuring data integrity.
- Subject matter expertise in integrating various Security controls, policies & procedures, Workflow enforcement, Access permissions, reverse engineering business process to facilitate enterprise compliance and efficiencies.
- Development/implementation of automated web based applications for enterprises.
Candidate Info
years in workforce
years at this job
Computer Information Systems
Management Information Systems And Decision Sciences
Telecommunications
Cyber Security Analyst
Performed cyber security research and published internal whitepapers on location based access controls
- Provided cyber security and technical support to various projects
- Developed a cyber security awareness campaign
- Web page design, telephony/data network installation and repair
- Volunteer representative for the Church of Jesus Christ of Latter Day Saints; provided leadership, training, and doctrinal instruction; supervised up to 180 missionaries
Candidate Info
years in workforce
years at this job
Civil Engineering
Sr. Cyber Security Analyst and CND-SPM, Defense Threat Reduction Agency
Led, managed, and executed DTRA CNDSP project to obtain TIER 2 certification
- Prepared, distributed, coordinated, and maintained instructions, policies, guidance, and SOPs
- Planned, Designed, and Integrated Host Based Security Systems for all DTRA networks
- Initiated proper security measures in the planning and design stage of the projects to comply with INFOCON3, FRAGOs, and FISMA requirements
- Helped the team to meet the DIACAP requirements and supported implementing various INFOCON3 projects (HBSS, SCCM etc.)
- Supported PPSM (DODI 8551.1) compliance requirements for DTRA
- Prepared various IA policies and Standing Operating Procedures (SOPs)
- Integrated HBSS with ArcSight Enterprise Security Management
- Prepared POA&Ms for IA security controls for HBSS and CNDSP projects
Candidate Info
years in workforce
years at this job
Business Administration
Senior Cyber Security Analyst
Established and developed IA Program with sustainable processes to ensure compliance with DoD and Federal Cyber Security requirements
- Assisted in achieving an Authority to Operate (ATO) for the Command SIPRNet, which required constant collaboration with IT Team Leads and Management
- Successfully implemented SIPRNet PKI Implementation initiative for the entire Command encompassing over eighty sites dispersed across the United States and Puerto Rico
- Review IT product technical specifications for compliance with DoD/Army requirements
- Implemented Incident Response procedures that utilized available cyber security tools to increase analysis capability and leveraged HBSS-Analyst training
- Conduct Risk Analysis to determine IA impact on Information Systems and Operations
- Enforced compliance with applicable IA regulations through Security, Education and Awareness Training (SETA) program that address new evolving Cyber threats
- Familiar with the following security-centric products: McAfee and Norton Anti-virus/Ad-aware, Retina, Host-Based Security System (HBSS), Assured Compliance Assessment Solution (ACAS)
Candidate Info
year in workforce
year at this job
Information Systems Technology
Information Technology
Cyber Security Analyst
Monitored, analyzed, remediated and reported network activity using latest security tools.
- Used Site Protector for central management of security devices to control policies, events, analysis and reporting.
- Performed monitoring and investigation of network traffic by using Netwitness.
- Monitored, analyzed and reported network data presented by all applications using Splunk.
- Analyzed traffic flow patterns by capturing packets on the network using Wireshark (packet analyzer) to identify rogue protocols and nodes on the network.
- Utilized my knowledge, skills, experience and tools in countering malicious code attacks such as viruses, malware, spyware, adware, worms, Trojan horses, root kits and all other abnormal activities on computer systems and on the network.
- Used NetDetector for network security surveillance, signature-based anomaly detection, analytics and forensics.
- Used Symantec Security Information Manager to resolve security alerts.
Candidate Info
months in workforce
months at this job
Bachelor of Arts
Cyber Security Analyst Intern
Trained and worked alongside the Cyber Security Operations Center (CSOC) team
- Researched and produced two running cyber honey pots for data collection and analysis
- Provided weekly intelligence briefs to Chief Information Security Officer
- Provided weekly industry threat reports
Candidate Info
years in workforce
months at this job
Telecommunication Electronic Systems
Information Technology
Information Technology
PM / Sr Cyber Security Analyst
Hired specifically as a cybersecurity compliance analyst and internal auditor performing additional project management duties. Left the organization to return to the Department of Defense (DoD) opportunities that sustained an active security clearance.
- Developed Certification and Accreditation (C&A) artifacts and system security documentation for FISMA compliance requirements using the NIST SP-800 series. Provided project status reports for detailed and thorough visibility of contract performance. Developed security products for the Department of Energy (DOE) under NIST standards, the Code of Federal Regulations Title 10 (10 CFR 73.54), and Department of the Navy (DON) cyber security guidance.
- Interfaced with senior client management and business users to map out and document business and/or IT requirements; documented baseline business processes, systems, information, and technologies. Identified opportunities for organizational improvement and communicated strategies to achieve desired results.
- Validated information system boundaries in support of the C&A process; created system architecture diagrams; worked with information system managers to verify operating environment, system interconnections, and user and system level boundary protections.
- Evaluated security controls for the Computer Security Incident Response Team (CSIRT) providing policies, procedures, training, and testing exercises in conjunction with Contingency Plan Testing and/or Continuity of Operations Planning (COOP).
- Assessed information security requirements for NRC Safeguards Information (SGI), Sensitive Unclassified Non-Safeguards Information (SUNSI), and Restricted Data (RD) as typed for the Office of Nuclear Security and Incident Response (NSIR); responsible for NSIR modifications to Human Resource Management System decommissioning (legacy due for modernizations)
Candidate Info
year in workforce
months at this job
Adj
Homeland Security / Cyber Security
Cyber Security Analyst
Performed cyber security monitoring by utilizing established operational procedures.
- Conducted data leak prevention (DLP), ensuring company sensitive and critical information did not leave the network.
- Monitored IT defense perimeter and scanning infrastructure, taking or recommending appropriate action per set procedures when. Reported incidents to appropriate Tier 2 or Tier 3 teams to determine any increased risk to the company and/or its clients.
- Processed intelligence reports through analysis of intelligence reports and briefings from various sources and documented indicators of compromise (IOCs) in company database.
- Responsible for handling the Intelligence and Email Operations for the SOC while maintaining proficiency of adversary tactics, techniques, and procedures (TTPs) through analysis of email headers, malware analysis, and open source intelligence.
- Familiar with multiple information security tools such as; SIEM Qradar, Intrusion Detections and Preventions Systems (Sourcefire), Malware Analysis (Hydra Threat Analyzer, VirusTotal), email analysis in Rshield and Sureview, intelligence analysis (CRITs), proxy searches (Putty) and).
- Possess the ability to read and understand system data including but not limited to security event logs, system logs, proxy and firewall logs.
Candidate Info
years in workforce
year at this job
Information Systems Computer Security
Joint Task Force - Global Network Operations - Cyber Security Analyst
Performed cyber fusion analysis to detect and mitigate threats to the Department of Defense (DoD) Global Information Grid (GIG).
- Shared threat information to internal and external government organizations.
- Provided situational awareness reports to JTF-GNO leadership and DoD Computer Network Defense Service Providers (CNDSPs) regarding specific threats to the DoD GIG in order to facilitate timely mitigation planning.
- Researched adversarial tactics, techniques, and procedures (TTPs). Utilized the knowledge gained from research to data mine Netflow and packet capture repositories in order to identify current threats.
- Created visual representations of adversary TTPs to be used in cyber reports and leadership briefings.
- Developed correlation logic to aid in the future detection of threats to the DoD GIG.
Candidate Info
years in workforce
year at this job
Information Science
Cyber Security Analyst, NIST A&A Specialist
- Supported the development of security documentation to complete A&A packages.
- Performed and documented IA Control compliance assessments for GSS and Major Application systems.
- Initiated and reviewed artifacts in compliance with NIST RMF process.
- Completed meeting minutes and prepared other documents as required by the assigned Team Lead.
- Provided SME support to the project for developing accreditation package deliverables.
- Performed quality assurance reviews of A&A artifacts and identify discrepancies in work.
Candidate Info
years in workforce
years at this job
Computer Information Systems
Cyber Security Analyst, Shift Lead
Collaborated with a team of analysts to provide packet analysis and Intrusion Detection System (IDS) support to the Federal Aviation Administration Mission Support Network.
- Detected and reported incidents of network intrusion and policy violations from numerous internal and external sources.
- Performed daily vulnerability assessment, threat assessment, mitigation and reported activities to safeguard assets.
- Provided second level analyst quality control to junior colleagues.
- Researched the latest viruses, worms, etc. and the latest technological advances to stop unauthorized access to information.
- Supported information assurance asset deployments, upgrades, and maintenance.
- Assessed and reviewed current technology infrastructure to identify key risk areas and ensured a level of control was in place to handle those risks.
- Develop security event remediation, recovery, and strategies in compliance with ITIL and NIST standards.
- Performed other network security and information assurance duties as assigned.
Candidate Info
years in workforce
years at this job
Business Administration
CSIRT Cyber Security Analyst - Federal Deposit Insurance Corporation (FDIC) - Client Site
Provided 24/7 incident response for FDIC's nationwide locations ensuring threats and vulnerabilities are quickly addressed and mitigated.
- Perform thorough investigations of Security Incidents using available tools and resources.
- Reported impacts of Security Incidents to FDIC executive management.
- Monitored malware activity on the FDIC network and devised plan for resolving infections.
- Monitored Intrusion Detection Systems and ArcSight channels for threats and vulnerabilities.
- Monitored and tracked security vulnerabilities to ensure affected systems are patched.
Candidate Info
years in workforce
year at this job
Political Science
Cyber Security Analyst for The National Science Foundation
- Analyzed the latest Federal Information Security Management Act (FISMA) cyber security metrics and successfully collaborated with management to ensure the National Science Foundation's compliance with Federal cyber security requirements.
- Assisted with annual FISMA audit tasks including planning, notification, and evaluation and validation of NSF's IT security evidence.
- Recipient of team award for NSF's #1 finish in FISMA compliance. NSF achieved a nearly 100% compliance score with Federal cyber security requirements.
- Assisted in preparing NSF's annual IT Security Awareness Training, to include conducting class room sessions on anti-phishing best practices.
- Submitted weekly reports to the Chief Information Officer on the latest global cyber threats, system vulnerabilities and remediation efforts.
Candidate Info
years in workforce
months at this job
Information Technology Systems
Project Management
Information Technology Management
Cyber Security Analyst/HBSS Administrator
Made a transition back to a support role as an HBSS Administrator; completed multiple HBSS FedVTE courses and training before site shutdown.
- Engaged with stakeholders of up and coming projects for business expansion.
- Upheld corporate training policy for compliance, as well as achieved personal academic growth standards.
- Consistently maintained involvement with the Support team at the client site, using e-mail and teleconferencing correspondence to close the gap as much as possible.
Candidate Info
years in workforce
years at this job
Cyber Security
Information Systems
Information Systems
Security Engineer/Cyber Security Analyst
Security Engineering & Certification and Accreditation; lead the Department of the Navy (DON) networks including Integrated Shipboard Network System (ISNS), Submarine Local Area Network (SUBLAN), Consolidated Afloat Network Enterprise Services (CANES), Sensitive Compartmented Information (SCI), and Networks and Automated Digital Network System (ADNS).
- Information System Security Engineer (ISSE); provided lead ISSE and IA Integration support to the Application Integration (AI) effort, ensured secure integration of Naval Afloat Cyber assets into the CANES Common Computing Environment (CCE), and supporting a Systems of Systems concept.
- Created C&A documentation through all phases for Department of Defense Information Assurance Certification and Accreditation Process (DIACAP), Risk Management Framework, NIST 800-37 and DCID 6/3.
- Performed penetration testing and security assessments using Gold Disk, eEye Retina, Windows Automated Security Scanning Program (WASSP), and Security Scanner (SECSCN) automated assessment tools to ensure compliance with DoD 8500 Regulations & DCID 6/3 for SCI systems. Advised Program Managers (PM) on impacts from assessments and potential solutions for the accreditation of Intelligence Community (IC), and General Service (GENSER) afloat and shore based systems.
- Developed security test plans based upon NSA System Network Attack Center (SNAC) guides and DISA Security Technical Implementation (STIG) guides for VMWare ESX, RHEL, Cisco routers, and Windows XP/7 & Server 2003/2008/2012.
- Completed annual security assessment to maintain Federal Information System Management Act (FISMA) compliance status for Intelligence Community (IC), and Naval Networks systems through Department of Defense Information Technology Portfolio Repository-Department of Navy (DITPR DON).
Candidate Info
years in workforce
years at this job
Information Systems
Task Lead/Senior Cyber Security Analyst
Performed all-source analysis on information related to computer crimes, counterintelligence investigations and operations.
- Coordinated, and synchronized cyber operations and investigations involving the Department of Defense Criminal Investigative Organizations and other government Law Enforcement and Intelligence entities.
- Produced cyber technical intelligence assessments for investigations stemming from the intelligence, law enforcement, and computer security communities.
- Developed new business opportunities, and drafts statements of work, proposals, whitepapers, personnel assessments, and personnel awards.
- Mentoring all incoming project staff and developed national level cyber security contracts.
- Coordinated multiple exercises with internal and external DOD agencies to ensure continuity of operations.
Candidate Info
years in workforce
months at this job
Information Technology
Military Service
Cyber Security Analyst
- Maintained a repository of malicious IP addresses and domain names; created custom intrusion detection signatures; recommended as well as experimented with tools and techniques that helped to prevent future intrusion.
- Provided Tier 2 Computer Network Defense (CND) services to monitor, analyze, detect, and respond to unauthorized activity within DoED information systems and computer networks.
- Contributed routinely to situational awareness, attack sensing and warning (AS&W), and indications and warning (I&W).
- Responded to security incidents (or events) in a timely and proactive manner to ensure proper mitigation of those issues.
- Performed network discovery/device management with tools such as RedSeal.
- Utilized tools such as Bluecoat, EOP, Splunk, to identify suspicious web and email traffic going in or leaving the network.
- Conducted web scans on a scheduled and ad hoc basis with WebInspect.
Candidate Info
years in workforce
years at this job
Cyber Security Analyst
Perform malware analysis from shell code exploitation, obfuscation methods, and other exploits as defined in the public domain.
- Use reverse engineering tools and techniques as it pertains to network traffic collection and analysis.
- Work in a 24 x 7 SOC environment, responsible for performing leading edge intrusion detection and prevention technologies and creating and approving reports for security incidents detected by the world class monitoring solution.
- Deconstruct cyber-attack event sequences, including performing advanced forensic analysis of network-based data.
- Worked with monitoring tools such as Wireshark and McAfee NTR (Network Threat Response).
- Use Sysanalyzer and Java Decompiler for malware dissecting.
- Upload data captures to malware scanning sites to detect any suspicious activity such as Trojan malware, password stealers, website redirecting tools and all malware activities to include with the malware report to be submitted to the customer.
Candidate Info
years in workforce
years at this job
Computer Programming & Information Systems
Information Technology Management
General Dynamics Cyber Security Analyst
Support the daily operations of the JC3 (Joint Cyber Security Coordination Center) for the U.S. Department of Energy.
- Ensure the safety of information systems assets and protect systems from intentional or inadvertent access or destruction.
- Develop approved Standard Operating Procedures (SOP's) including escalation procedures for clearing various hardware and software platforms, as new requirements are identified or arise.
- Provide technical phone support to government agencies consistent with Tier I/II analysts' support. Answer detailed technical, informational and professional questions, and provide callers with timely resolution for reported incidents and follow up on open tickets and escalate to appropriate response groups.
- Ensure reporting of information security events and weaknesses associated with information systems in a manner allowing timely corrective action.
- Generate detailed security incident reports and disseminate the reports in accordance with incident response and reporting standard operating procedures.
Candidate Info
years in workforce
years at this job
High School Diploma
Cyber Security Analyst
Conducted System Analysis and Incident Response on security events from BlueCoat, Firewall and IDS, then provided recommended course of action for mitigation
- Actively monitored Classified and Unclassified Networks for suspicious network activity using ArcSight ESM
- Performed Dynamic and Static analysis on potential Malware samples.
- SourceFire team member tasked with developing Snort rules to mitigate against emerging threats
Candidate Info
years in workforce
years at this job
Cyber Security Analyst
Applied appropriate information security controls for Federal Information Systems based on NIST 800 Series, 800-37 REV.1, SP 800-53 REV.4, FIPS 199 and FIPS 200.
- Conducts systems and network vulnerability scans in order to identify and remediate potential risks.
- Develops Plan of Action and Milestone (POA&M) through establishment of schedules and deadlines.
- Held kick-off meetings with the Chief Information Security Officer (CISO) and system owners prior to assessment engagements.
- Prepares security assessment plans (SAP) for system owners' review and approval
- Develops and updates system security plans.
- Performs Risk Assessment (RA), Privacy Impact Assessment (PIA), System Security Test Evaluation (ST&E) and Plan of Actions Milestones (POAM).
Candidate Info
years in workforce
months at this job
Organizational Management
Information Technology Specializing
Cyber Security Analyst
Conduct security interviews to validate IT system inventory, system ownership, and security compliance data.
- Perform Risk Management Framework (RMF) gap analysis to identify the actual authorization status, along with areas that require development.
- Schedule and attend ad hoc meetings with system owners whose systems are being certified and with certifiers who are engaged in performing system certifications.
- Create, validate, and update security artifacts (FIPS 199, E-Authorization, Privacy Threshold Analysis and, if required, Privacy Impact Assessment, Security Plans, Contingency Plans, POA&Ms).
- Oversee system authorization efforts and spot-check compliance.
- Review final documentation for quality control purposes, present deliverables, respond to customer comments and questions about the deliverables.
Candidate Info
years in workforce
months at this job
Mathematics / Chemistry
Business Management / Finance
Cyber Security Analyst
Evaluate cyber security solutions for use in Critical Systems Resilience (CSR) architecture based on controls listed in NIST 800-53
- Draft documentation, test plans and analysis with the end goal of developing a standard, security focused architecture for CSR.
- Assist with the design and implementation of network simulation environment (sandbox).
- Continual research and evaluation of current cyber threat environment.
- Assist the open source intelligence team, and other company projects as directed.
- Assist with the development of web application.
Candidate Info
years in workforce
months at this job
Depth
Computer Incident Response
Windows Forensic Analysis
Cyber Security Analyst
- Tier 2 analyst at a Cyber Security Operations Center (CSOC) supporting the Tennessee Valley Authority.
- Primary role was to perform incident response and malware analysis of compromised machines. Conducted malware analysis with the FireEye Malware Analysis System. Mainly used EnCase 6 for forensic investigations (I favor it over v7).
- Secondary role was to conduct SIEM analysis (McAfee Nitro/ESM) looking for potential compromises either from alerts or manual analysis. Utilized Netwitness for full packet capture when correlating events from the SIEM.
- Conducted internal investigations on employees who were suspected of using corporate assets for misconduct.
- Authored standard operating procedures for Windows forensic analysis including memory analysis utilizing Volatility.
- Researched latest threats using open source intelligence sources (Mandiant, Sophos, Kaspersky, @Kafeine, /r/netsec, etc.).
- FISMA, NERC CIP, and NIST compliances followed.
Candidate Info
years in workforce
months at this job
Cyber Security Analyst / Computer Network Defense
Configured and hardened (STIG) a Windows 7 image to meet all DoD and Marine Corps standards
- Create Retina Scans for the West Region and report on category 1, 2 and 3 for non-compliant systems
- Perform SCAP scans with SCAP Compliance Checker to perform Group Policy and Registry changes to Operating Systems to DoD requirements.
- Run HBSS and HIPS queries using ePO 4.5
- Responsible for engineering, implementing and maintaining system security and configurations of 5 company servers while providing IT support, to include planning, software and hardware configuration to a staff of 2500 end-users.
- Created a Backup Solution for Servers that did not have a backup solution.
- Built out lab environments to test servers before putting them in production.
Candidate Info
years in workforce
years at this job
Business Management
Computer Information Systems
Senior Cyber Security Analysts/Program Manager
Supervised and assigned work tasks to a small team of analysts focusing on insider threats, fraud, waste and abuse.
- Developed the internal cyber security program and the operational activities for network monitoring.
- Conducted hands-on monitoring of network traffic for user violations of acceptable use policy and potential insider threats.
- Worked closely with the government senior management to manage the cyber program.
- Built the incident tracking and documentation repository using SharePoint.
- Worked closely with the government Technical Director to research existing and emerging enterprise enabled cross-domain technologies.
- Created and built vendor contact database and CDS product lists for cross-referencing requirements with available CDS technologies.
- Provided technical advice and guidance on emerging CDS technologies based on research and vendor interaction.
Candidate Info
years in workforce
years at this job
Information Technology
Senior Network Cyber Security Analyst
Supervised a 10-man cyber analysis team responsible for detecting, investigating and reporting computer network exploitations across DoD networks.
- Created and deployed IDS signatures to detect and alert analysts of malicious activity on two different platforms.
- Analytically reconstructed network intrusions to provide a chronological explanation of events, attack vectors, damage assessments, and the potential effects on the rest of the DoD networks, through formal reporting.
- Recommended preventive, mitigating, and compensating controls to ensure further network exploitation is minimized.
- Briefed various government officials, including flag-level officers, on intrusion updates. Provided a presentation at a technical forum on specific intrusions, detailing the analytical process and the effectiveness of collaboration of various organizations.
Candidate Info
years in workforce
years at this job
Certificates
Cyber Security Analyst
Provided IAVA and STIG support to the FURY System within the NAVAIR PMA205 program
- Provided Information Assurance support to the Tactical Training Range (TTR) department of PMA205
- Supported the IAO with multiple system accreditation and Cross Domain Solutions (CDS) approvals
- Generated documentation for the DIACAP process, PIT Determinations, CDS approvals, Risk Assessments, and Mitigation Plans
Candidate Info
years in workforce
year at this job
Business Management, Marketing And Administration
Computer Information Systems
Cyber Security Analyst
Coordinating and ensuring technical requirements of cyber security are appropriately evaluated, developed, implemented and integrated into the overall site information technology infrastructure
- Reviewing and analyzing planned projects and initiatives that may have an impact on the cyber security posture of [company name].
- Performing analyses to identify threats, vulnerabilities, and assess risk to computing resources
- Performing tests and assessments on system and/or telecommunications networks to ensure the security configuration and operation is as described in security plans.
- Monitoring compliance with the organization's security policies and effectiveness of risk mitigation measures; monitoring internal systems to ensure that the appropriate security policies are being properly and effectively implemented
Candidate Info
years in workforce
years at this job
Government & Politics
Multiple Roles - Currently Master Cyber Security Analyst
Appointed Information Systems Security Officer (ISSO) for classified and unclassified enterprise networks
- Program-designated Public Key Infrastructure (PKI) Trusted Agent responsible for interfacing with the Certificate Authority (CA), managing certificates for servers and personnel, configuring certificate revocation applications (OCSP, CRL)
- Implement and manage Assured Compliance Assessment Solution (ACAS - AKA Nessus) on complex enterprise networks to support vulnerability management and help ensure compliance
- Managed projects within an IT Services & Support environment supporting two Department of Defense (DoD) combatant commands (USEUCOM & USAFRICOM)
- Managed primary USEUCOM data center containing both classified and unclassified systems
- Developed ITIL-based processes to support Release Management within an IT Services & Support environment supporting two DoD combatant commands
- Led a team of 7 in creating DoD Information Assurance Certification and Accreditation (C&A) Process (DIACAP) accreditation packages for USAFRICOM systems
- Performed Security Assessments based on Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIG) and Information Assurance Vulnerability Alerts (IAVA)
- Performed Security Test and Evaluation (ST&E) based on National Institute of Standards and Technology (NIST) guidelines
- Developed corporate Certification and Accreditation (C&A) program based on NIST guidelines
Candidate Info
years in workforce
years at this job
Math And Computer Science
Cyber Security Analyst
Perform and interpret regular vulnerability assessment scans using Retina and Nessus network scanners.
- Use IBM Endpoint Manager to extract vulnerability reports and determine patch management status
- Organize weekly meetings with system owners/administrators to formulate strategic approach to securing network and addressing vulnerabilities
- Conduct, direct, and coordinate responses to cyber-attacks, classified material incidents, virus infections
- Worked under two different contractors in my current position
Candidate Info
years in workforce
years at this job
Business Administration, Management
Computer Science
Cyber Security Analyst
Reconfirmation and initial escalation of High/Medium severity incidents with regard to custom client escalation procedures
- Meet Ticket SLAs based on ticket classification
- Live troubleshooting of possible IDS/IPS signature/iptable based involvement on specified traffic with special focus on service ports and host IPs
- Perform real-time log analysis to provide network and data security
- Triage and handling of inbound calls, document all client communications
- Configure and troubleshoot SecureWorks IDS/IPS and associated infrastructure
- Assess incident severity and escalate to the next level as needed
Candidate Info
years in workforce
months at this job
Computer Science
Cyber Security Analyst Jr
Perform system security reviews and DIACAP validation activities on a large scale enterprise system
- Evaluate design changes for Cybersecurity risk
- Analyze and review the results of network and system vulnerability scans and be able to validate the implementation of IA Controls in accordance with DoD 8500.2
- Draft accreditation support documentation to include POA&Ms, Risk Assessment Reports, and Certificate Determinations
- Support Government lead with C&A impact recommendations for technical changes presented at CSR
- Assist with Enterprise Risk analysis and validation
Candidate Info
years in workforce
months at this job
Information Technology / Visual Communications
Cyber Security Analyst
Analyze escalations from end-users and/or US CERT to determine proper remediation.
- Escalate incidents to appropriate groups to begin remediation.
- Identify opportunities to improve processes and services delivered to the client, U.S. DOI.
- Process external sources of threat intelligence to create content for detection of emerging threats and zero-days via use of tools such as Wireshark, ACE live and Tipping Point appliances for analysis.
- Strong working knowledge of system administration, UNIX and Windows.
- Perform regular review of existing signatures on customer IPS devices to ensure optimum analysis.
- Perform backend tuning to intrusion detection and health monitoring event management platforms to ensure optimum analysis
Candidate Info
years in workforce
years at this job
Computer Science
Technology Management
Information Security
Cyber Security Analyst/Security Controls Assessor
Manage the McAfee Endpoint Protection Enterprise Host Based Security Systems (HBSS) for over 5,000 systems to include Host Intrusion Prevention Systems, Data Loss Prevention, Asset Baseline Monitor, Policy Auditor, and Virus Scan Enterprise
- Oversee the Siebel trouble ticket support web system and resolve or distribute over 100 service requests and activities a month
- Investigate and resolve security incidents, develop incident reports, and aggregate a monthly incident status report
- Maintain and manage courier system of computers and peripherals to ensure system accountability
- Evaluate security assessment documentation and provide written recommendations for security authorization to the Authorizing Official (AO)
- Evaluate threats and vulnerabilities to information systems to ascertain the need for additional safeguards
- Advise the information system owner concerning the impact levels for confidentiality, integrity, and availability
Candidate Info
years in workforce
months at this job
Cyber Security Analyst
Update the controls changes from NIST 800-53 rev 3 to NIST 800-53 rev 4 and control assessment changes from NIST 800-53A to NIST 800-53A rev 4
- Write GSS & Infrastructure Implementation statements in RiskVision.
- Review Regional Offices' artifacts and implementation statements in RiskVision
- Updates & closes regional offices Findings/POA&M
- Facilitate FISMA Continuous Monitoring Test Cases NIST 800-53 Rev 4 Update.
- Conduct Security Risk Assessment on all new applications, IT Systems or changes to existing IT systems to verify if they satisfy established security baseline before adoption into VA Regional offices.
- Conduct Security Risk Assessment on new Vendors and annual Vendor Risk Assessment.
- Assist management in authorizing the IT Systems for operation on the basis of whether the residual risk is at an acceptable level or whether additional compensating controls should be implemented.
- Ensure compliance with Baseline security configurations, IT controls and policy standards.
- Developed and Implemented information security governance processes including policies, procedures, requirements, risk management and RBD SOP.
Candidate Info
years in workforce
years at this job
Information Science And Technology
Cyber Security Analyst/Technician
- Serve as the 1st Marine Division Cyber Security Analyst/Technician to ensure assets are updated in accordance with Department of Defense and National Security Agency policies, directives, and best practices
- Manage patching, assessment scanning, and reporting for the 1st Marine Division
- Conduct incident management and response on classified and unclassified networks
- Implement and manage McAfee ePolicy Orchestrator on networks supporting 700+ systems
- Oversee network planning and advise on security implementation
- Develop Plans of Action and Milestones to remediate identified vulnerabilities
- Coordinated lower unit support during September 2013 Defense Information Systems Agency Cyber Command Readiness Inspection to ensure classified material was stored and processed properly
Candidate Info
years in workforce
years at this job
Business Administration And Marketing
Business Administration And Marketing
Junior Cyber Security Analyst (CIRT)
Monitor and analyze IDS data signature indicators of known threats and anomalies; investigate callouts and coordinate remediation with personnel worldwide.
- Extract PCAP and .bin files from Wireshark for use in additional research and analysis on anonymous network.
- Monitor traffic on CLAN to include information provided by outside Intelligence Agencies.
- Provide detailed status updates on existing cyber security incidents to include follow up with client/customer to ensure satisfactory resolution.
- Convey verbal briefings to management on pending cyber incidents as well as coordinate with US-CERT and AV Vendors as necessary to convey incident information.
- Act as alternate shift lead as necessary, mentor new associates on process and procedure, manage group mailbox, and open tickets for new incidents.
Candidate Info
years in workforce
years at this job
Computer Information Systems
Information Technology
Systems Engineer 4 - Cyber Security Analyst
Conducts Security Test & Evaluations on government systems in support of the Certification and Accreditation process, to ensure systems adhere to DHS 4300A policy, follow NIST guidance, and are FISMA compliant.
- Collaborates with information system personnel as well as system infrastructure groups to determine validity of server configurations.
- Supports Vulnerability & Exploit Testing by utilizing scanning tools to complete vulnerability assessments.
- Participates in team lessons learned meetings as well as technical webinars/seminars, and incorporates improvements to assessment methodologies.
- Evaluates system demonstrations based on review of system requirements documentation.
- Provides support to team members for malware and continuous monitoring efforts to prevent system security breaches.
Cyber Security Analyst Resume FAQ
What skills should a cybersecurity analyst have?
You can write a job-winning resume by including an equal blend of cybersecurity technical, hard and soft skills. We compiled a list of the most commonly requested skills to help you get started.
Technical skills:
- Linux coding
- Python coding
- Data analysis software knowledge (Splunk, SAS Forecasting, Erwin Data Modeler)
- Scripting
- Intrusion detection
- Digital forensics
- Network authentication
- Network security control and management
- Digital forensics
- Threat knowledge
- Collaboration
- Attention to detail
- Critical thinking
What are three responsibilities a cybersecurity analyst may have?
Your cybersecurity responsibilities may vary according to your seniority and the industry you analyze. However, most entry-level and midlevel cybersecurity jobs include the following tasks:
- Investigate security breaches and identify code vulnerabilities
- Collaborate with project stakeholders to respond to potential security breaches
- Install, operate and maintain security systems and software
You can also boost your resume and technical translation skills with these frequently requested resume skills. These soft skills can help showcase your collaborative and interpersonal skills, making you an appealing candidate for large, interactive teams.
How do I start a cybersecurity job without experience?
If you’re interested in your first cybersecurity job, you can tailor your resume to focus on IT-related experience and transferable skills. For example, discussing your knowledge and implementation of corporate information security policies and collaborative projects between IT and internal development teams can help you segue into your first cybersecurity analyst role.
Cyber Security Analyst Duties and Responsibilities
Cyber security analysts take on a range of different tasks that depend on the organization they work for. Based on job listings we analyzed, a cyber security analyst's duties typically involve:
Monitor Computer Networks
Cyber security analysts monitor the organization's computer networks and systems to identify any violations and security breaches that need to be resolved.
Install Software
Cyber security analysts are responsible for installing and utilizing software, such as firewalls and data encryption programs, to help protect the company's data and sensitive information.
Conduct Tests on Systems
Cyber security analysts carry out regular tests to simulate attacks so they can identify areas where the company is vulnerable and ways in which its systems might be exploited by hackers and viruses.
Develop Processes and Standards
Cyber security analysts develop processes and regulations to ensure the company's systems stay as safe as possible, in addition to developing security standards for all employees to adhere to. This involves researching the latest information technology security trends and software to help prevent any issues.
Prepare Reports
Cyber security analysts prepare and create regular reports to document any process implementation, improvements made, and security breaches that caused damage to the company.
Cyber Security Analyst Skills and Qualifications
Cyber security analysts need to be critical thinkers with excellent attention to detail. They also need the ingenuity to find new ways to improve current systems and networks within an organization. Typically, employers require a bachelor's degree in a computer-related subject as well as the following abilities:
- Analytical thinking - cyber security analysts study computer networks and systems and assess any risks to see how security policies can be improved, so strong analytical skills are important to this job
- Problem-solving skills - cyber security analysts must quickly respond to security alerts and fix any network flaws, so they need to be good at resolving issues
- Attention to detail - detail is important in this job, as some cyberattacks are difficult to detect and could affect the safety of the company's data, so cyber security analysts must be detail oriented
- Critical thinking - cyber security analysts assess risks and find new ways to protect the computer networks within their organization, so they need critical thinking skills to resolve unforeseen problems and think strategically
- Technical skills - cyber security analysts work with computer programs, networks, and systems on a daily basis, so they need to be technically minded to resolve issues and quickly pick up new software
Cyber Security Analyst Education and Training
The minimum requirement to become a cyber security analyst is a bachelor's degree in a computer-related field, such as computer science, information assurance, or programming. Some companies may prefer applicants who have a Master of Business Administration (MBA) in information systems; these programs usually require two years of previous study beyond the undergraduate level, including business and computer-related courses. Candidates looking to improve their chances of employment may also choose to earn a certificate in information security. There are several general information security certifications available, including the Certified Information Systems Security Professional (CISSP) designation.
Cyber Security Analyst Salary and Outlook
The median annual salary for cyber security analysts is $95,000, according to the Bureau of Labor Statistics (BLS). Cyber security analysts in the 10th percentile earn around $55,000 annually, while the highest paid earn close to $153,000 a year. The higher end of this pay scale can include bonuses and profit-sharing opportunities of up to $15,000. Over 80 percent of companies provide medical and dental insurance as part of their benefit packages. The BLS predicts that this sector will grow 28 percent through 2026.
Helpful Resources
We've collected some of the best resources to help you learn more about a career as a cyber security analyst:
Cyber Security - this LinkedIn group has over 13,000 members from all over the world and aims to bring together like-minded professionals in the computer security sector who want to network, discuss the latest industry trends, and share knowledge
Cybersecurity - Attack and Defense Strategies - this comprehensive guide helps readers gain a clear understanding of different defense methods and how to recognize abnormal behavior within an organization's network and computer systems. It provides expert knowledge on how to mitigate risks and prevent attackers before they have a chance to infiltrate the system
Cybersecurity for Beginners - for those new to the industry, this book provides a great introduction to the essentials of cyber security and how the world of technology has developed over the last decade
CSO Online - this site covers all things related to security and risk management, from physical and information security to identity and access management. It's a useful site for staying up to date with the latest news and trends