Senior Cybersecurity Analyst - EVAP Team (Top Secret clearance required)

Paradyme, a CATHEXIS Company is a rapidly growing government technology leader that puts service first, for its customers, its team and the communities it supports. We harness DevSecOps and Agile development processes to deliver exceptional results for digital transformations. Based in Tysons Corner, VA, our award-winning culture sets it apart through its team's deep commitment to service and collaboration with its customers, each other and the community. Learn more at PARADYME.

Paradyme is seeking experienced Cybersecurity Analyst with EVAP experience for upcoming projects in support of major federal law enforcement and intelligence customers. The people in these positions will work in secured federal facilities in: Washington, DC; Huntsville, AL; and Clarksburg, WV.

A current TOP SECRET clearance is required to be considered.

We are seeking a Senior Cybersecurity Analyst - Enterprise Vulnerability Assessment Program (EVAP). This role combines strategic oversight and technical expertise to ensure the government customer maintains a proactive and resilient vulnerability management posture across its enterprise systems and infrastructure.

Key Responsibilities:

Serve as the technical authority for enterprise vulnerability assessment tools and practices
• Manage the architecture, engineering, and operation of the EVAP scanning infrastructure
• Configure and optimize scanning solutions to ensure accuracy and effectiveness
• Stay current with emerging tools, technologies, and threat landscapes to refine methodologies

Operational Oversight

• Performs daily operations of EVAP allowing EVAP, Red and Blue Teams to perform timely and effective vulnerability assessments
• Provide hands-on support for complex scans, troubleshooting, and result analysis
• Align scanning activities with organizational priorities for maximum impact

Tool and Infrastructure Management

• Maintain and enhance the FBI's enterprise vulnerability scanning tools and infrastructure
• Ensure tools are secure, up to date, and effectively utilized across the organization

Comprehensive Vulnerability Assessments

• Participate in technical execution of enterprise-wide assessments across networks, systems, and ICS infrastructure
• Analyze vulnerabilities to assess risk and recommend remediation strategies
• Ensure assessments cover diverse technologies including OS, databases, applications, and network devices

Collaboration and Cross-Team Coordination

• Provide technical support during incident response efforts and cybersecurity exercises
• Ensures scans, reports and environment are set up and run according to the Master Schedule to meet deadlines and objectives
• Coordinate with Red, Blue, and SOC teams to share insights and support remediation
• Manage task assignments and workload distribution
• Collaborate with IT system owners to integrate scan results into the Governance, Risk, and Compliance (GRC) platform

Training and Policy Implementation

• Assist with the development and deliver training on vulnerability scanning tools and best practices
• Create, maintain and refresh Standard Operation Procedures (SOP) and ensure compliance with cybersecurity policies

Reporting and Communication

• Produce technical reports and executive presentations detailing vulnerabilities and remediation status.
• Act as a liaison to communicate risks and recommendations to the CISO and senior leadership

Continuous Technical Improvement

• Drive innovation in vulnerability management through new tools and process enhancements
• Lead initiatives to improve patching visibility and address systemic challenges

Required Qualifications:

• 5-8 years of cybersecurity experience, with experience administrating and engineering IT Infrastructure
• Expertise in vulnerability assessment tools, scanning methodologies, and enterprise infrastructure
• Strong understanding of vulnerability management lifecycle, risk analysis, and remediation strategies
• Excellent communication skills with the ability to translate technical findings into actionable insights

Preferred Certifications:

• Microsoft Certification(s)
• System Engineering expertise of Server, Network, Circuit, Patching and Cabling
• CISSP, CISM, CISA
• GIAC (e.g., GCIH, GCIA, GPEN)
• OSCP or equivalent
• ITIL or other infrastructure-related certifications

Paradyme, a CATHEXIS Company is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. If you are an individual with a disability and would like to request a reasonable accommodation as part of the employment selection process, please contact HR@paradyme.us