Responsibilities
Sabre Systems is seeking a Cybersecurity/GRC (Governance Risk and Compliance) Analyst to join our team. This role is ideal for a proactive cybersecurity professional eager to work with advanced security tools and help maintain a strong security framework in an enterprise environment. The ideal candidate will have hands-on experience in cybersecurity operations, threat analysis, and security compliance, ensuring the protection of critical systems and data, and ensure compliance with current security framework controls.
Location & Work Arrangement: Open to various locations, preferably near a Sabre office (PA or MD), or within the mid-Atlantic region, with a hybrid work model for those residing within a 50-mile radius of a Sabre office.
Responsibilities:
* Conduct vulnerability scanning, and security risk assessments to identify and mitigate threats.
* Troubleshoot, debug, and upgrade security systems to enhance performance and protection.
* Execute comprehensive risk assessments and implement remediation strategies aligned with NIST, ISO, DFARS, and CMMC compliance frameworks.
* Assist in integrating security software components and verifying system functionality.
* Develop and maintain IT documentation, system configurations, security policies, and compliance procedures.
* Enhance system security by administering and configuring environments to meet updated regulatory compliance requirements.
* Engage in cybersecurity simulations to test threat response strategies and enhance risk mitigation efforts.
* Implement security systems that align with compliance standards and business objectives.
* Develop and deliver security reports, performance metrics, and strategic recommendations to key stakeholders.
* Continuously monitor emerging cybersecurity threats, trends, and technologies, providing informed recommendations on tools and techniques to strengthen the organization's security framework.
* Occasionally perform work for external commercial and government customers.
Qualifications
Qualifications:
* Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or a related field (or equivalent experience).
* 5 years of experience in cybersecurity, IT security, or system administration.
* 5 years of GRC experience in NIST, ISO, DFARS, or CMMC security frameworks.
* Knowledge of security principles and techniques and understanding of IT security related technologies (e.g., data encryption, PKI, DLP/IDS, etc.)
* Hands-on experience with SIEM, firewalls, endpoint security, and compliance tools.
* Experience with vulnerability scanning, and risk assessments.
* Perform system administration tasks, including software updates, and patching.
* Understanding of computer security, system specifications, and cybersecurity policies.
* Basic knowledge of scripting (PowerShell, Python) for automation and security tasks.
* Strong analytical, troubleshooting, and policy development skills.
Preferred:
* Relevant certifications such as CEH, GSEC, Cisco Certified CyberOps Associate, Offensive Security Certified Professional, or Offensive Security Web Expert preferred.
* Proficiency with Microsoft Azure, Defender, Intune, and Microsoft 365 Security.
* Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols.
* Ability to perform internal penetration testing.
* Current security clearance or the ability to obtain a clearance.
As a U.S. federal government contractor, we can only consider U.S. Citizens for this position.
EOE Minorities/Females/Disability/Veterans; VEVRAA Federal Contractor
#J-18808-Ljbffr