Zachary Piper Solutions is seeking a security analyst to support a secure flight program for TSA in Annapolis Junction, MD. The team is seeking an analyst well-versed with vulnerability management tools to help secure the environment for the TSA secure flight, no fly list program.
Location: Annapolis Junction, MD – on-site 1x a week
Hours: Standard operating hours, 8-4
Clearance: Secret clearance, must be able to pass TSA background check (3-6 weeks)
Responsibilities of the Security Analyst:
• Identify security tools, secure configurations, secure architecture blue prints, and processes in order to support security standards and compliance requirements
• Utilize vulnerability management tools such as Nessus, ACAS, Tenable, Burp to identify, categorize, and mitigate vulnerabilities
• Implement security standards and policies into infrastructure
Qualifications of the Security Analyst:
• Bachelors degree and 1+ years of experience managing vulnerability management systems and/or scanning tools
• Active Secret clearance, willing to obtain TSA clearance
• IAT II Certification highly preferred (Sec+, CySA+, GSEC, etc.)
• Experience with the following security tools; Nessus, Appscan, BURP suite
• Comprehensive knowledge in information security and security frameworks (RMF, NIST, STIGs)
• Hands on vulnerability management implementation and utilization experience
Compensation of the Security Analyst:
• Compensation: $70,000 - $80,000+ **based on years of experience**
• Full benefits: Medical, Dental, Vision, 401k, PTO/Holiday
• Hybrid work – remote 4x a week
• Fully funded, long-term program (3+ years remaining)
• Contract mobility and job stability through Zachary Piper Solutions
Keywords: TSA, Public trust, secret, secret, clearance, cyber, cybersecurity, cyber security, vulnerability, Nessus, Tenable, BURP, STIGs, RMF, risk management framework, assessment, top secret, topsecret, compliance, NIST, FISMA, Splunk, implement, security engineer, engineering, analyst, cyber analyst, hybrid, remote, TSA, DoD, Federal, networks, networking, Sec+, Security+, CYSA+, GSEC, CND, computer network defense, SOC, security operations, assessment, vulnerability assessment, blue team, purple team, information assurance, defense, CEH, IAT II, ITIL, ts/sci, top secret/sci, documentation, POA&Ms, vulnerability, Tanium, ACAS, security technical implantation guide, DISA, civilian, DHS, public trust, IT, information technology, security, CSOC, information security, endpoint, endpoint detection, analyst, security analyst, cyber analyst, vulnerability management1