Senior Cybersecurity Analyst at Gunnison Consulting Group – Washington, District of Columbia

Salary: $135,000 - $143,000/year

Work Location: Remote with occasional on-site work in Washington, DC, at least once per month.

The Senior Cybersecurity Analyst leads in the proactive defense of the organization's information systems. This role provides expert-level guidance on cybersecurity operations, risk mitigation, incident response, and security architecture, ensuring the organization's IT environment remains secure, resilient, and compliant with applicable regulations and standards. The Senior Analyst acts as a mentor and technical authority, driving continuous improvement in security practices and fostering a strong security culture.

Key Responsibilities:

• Security Operations & Architecture:
  • Architect, implement, and manage advanced security solutions, including SIEM, ZTS, EDR, IDS/IPS, and other cyber management platforms, optimizing their effectiveness and integration.
  • Lead proactive threat hunting and vulnerability assessments, identifying and mitigating emerging threats before they can impact the organization.
  • Develop and champion security best practices and standards, ensuring their consistent application across the organization.
  • Provide expert guidance on secure system design and architecture
• Incident Response Leadership:
  • Lead and coordinate complex incident response efforts and conducting thorough post-incident analysis.
  • Develop and maintain comprehensive incident response plans, playbooks, and procedures, ensuring their alignment with industry best practices and regulatory requirements.
• Risk Management & Compliance:
  • Conduct comprehensive risk assessments, identifying vulnerabilities and recommending appropriate mitigation strategies.
  • Lead the development and implementation of security policies, standards, and procedures, ensuring compliance with frameworks such as NIST, ISO 27001, and other relevant regulations.
  • Provide advice on security compliance and audit requirements, supporting internal and external audits.
• Security Awareness & Training:
  • Develop and deliver engaging security awareness training programs, educating employees on best practices and promoting a strong security culture.
  • Mentor and guide IT staff on secure configurations and best practices, fostering their understanding of security principles.
• Collaboration & Communication:
  • Collaborate effectively with senior management, IT teams, and business stakeholders to communicate security risks and recommendations.
  • Provide clear and concise reports on security incidents, risk assessments, and vulnerabilities, presenting complex technical information in an accessible manner.
  • Represent the organization in security-related discussions with external vendors, partners, and industry groups.
• Continuous Improvement & Innovation:
  • Research and evaluate emerging security technologies and threats, recommending and implementing innovative solutions to enhance the organization's security posture.
  • Identify process gaps and recommend enhancements to security operations, driving continuous improvement in security practices.
  • Contribute to the development of the organization's overall cybersecurity strategy.

• US citizenship required.
• Minimum of 10 years of hands-on experience in cybersecurity, with a focus on security operations, incident response, and risk management.
• Technical Expertise:
  • Deep expertise in security tools and technologies, including firewalls, SIEM, IDS/IPS, ZTS, EDR, vulnerability scanning solutions, and cloud security platforms.
  • Advanced understanding of network protocols, operating systems (Windows, macOS, Linux, iOS, Android), cloud environments (AWS, Azure, GCP), and containerization technologies.
  • Proficiency in scripting languages (e.g., Python, PowerShell) for automation and security tasks.
  • Experience with security architecture and design principles.
• Analytical & Problem-Solving Skills:
  • Exceptional analytical and problem-solving skills, with the ability to analyze complex security logs and events to identify patterns and potential threats.
  • Proven ability to lead and manage complex security incidents.
• Communication & Leadership:
  • Excellent written and verbal communication skills, with the ability to effectively convey technical information to both technical and non-technical audiences.
  • Demonstrated leadership skills, with the ability to mentor and guide team.

Required certification(s), must meet at least one of the below:

• CISSP (Certified Information Systems Security Professional)
• CompTIA Security+
• AWS Certified Security Specialty
• Microsoft Azure Security Technologies Certified
• Vendor certifications from leading security vendors (e.g., Zscaler, CrowdStrike, Splunk)
• Certified Ethical Hacker (CEH)
• GIAC certifications (e.g., GSEC, GCIA, GCSH)

Clearance Requirement: Ability to obtain and maintain a Public Trust.

The salary range for this position depends upon multiple factors including location, the individual's knowledge, skills, competencies, and experience, and contract-specific budget constraints and organizational requirements.

Gunnison Consulting Group's total compensation package also includes bonus and profit-sharing opportunities, depending on company and employee performance. Available employee benefits include:

• 3 weeks of Personal Leave your first year
• 11 paid Holidays each year
• 5 days of Flexible Time Off each year
• 401(k) company match at 50% up to 10% of your salary
• Medical, Dental and Vision Insurance
• Life and Disability Insurance
• Public Transportation Subsidies
• Certifications and Training Allowance - Up to $5,000/year!

Why Join Gunnison?

• Gunnison takes on ambitious projects. We target fun, challenging work that requires creative thinking and innovation.
• Quality is our top priority.
• Gunnison employee benefits meet or exceed what other companies in the Washington, D.C. metropolitan area offer.
• There is a great sense of camaraderie at Gunnison. This is an atmosphere we will maintain as we continue to grow.
• We are growing rapidly and the opportunity for individual professional growth with Gunnison is outstanding.
• We hire for careers at Gunnison, not to fill a position.

Equal Opportunity Employer. Must be eligible for employment in the United States. We are unable to sponsor candidates at this time.

In 1994 Gunnison began serving the greater Washington, D.C. metro area, focused on tackling our customers' most ambitious technology projects. By creating a culture dedicated to enabling our customers and employees to achieve more than they ever thought they could, the company has thrived for over 25 years.