Senior Virtualization and Storage Security Analyst with Security Clearance

---

Job description

Title: Senior Virtualization and Storage Security Analyst Location: Reston, VA; Washington, DC; Northern Virginia National Capital Region Clearance: TS/SCI w/CI Poly Travel Requirements: Must be willing to travel up to 30%, including local travel within the National Capital Region (NCR) of Northern Virginia, Maryland, and Washington, DC. Apavo is at the forefront of cybersecurity, providing services to military, defense, and critical infrastructure industries. Our vision of cybersecurity as a holistic, ongoing journey enables us to offer solutions that effectively mitigate risks and address vulnerabilities within any enterprise. As the cyber landscape continuously evolves, so do we, ensuring our services not only meet but exceed the ever-changing needs of our mission-critical clients. From compliance assessments and vulnerability analysis to comprehensive information system security management, Apavo's suite of services is designed to protect and serve the most sensitive and significant sectors of our society. Joining the Apavo team means becoming part of a company rooted in the principles of integrity, quality, and communication. We value positive, candid interactions and the belief that everyone has valuable contributions to make. Apavo stands out for its commitment to a work-life balance and fostering a growth mindset among all team members. If you are looking to make a meaningful impact in the cybersecurity world while growing professionally in a supportive, dynamic environment, Apavo is the place for you. We are seeking an experienced TS/SCI cleared Senior Virtualization and Storage Security Analyst to join our team in Reston, VA. The ideal candidate will provide expert technical support during inspections within the Intelligence Community Integrated Environment (IC IE). This role requires extensive expertise in hypervisor and storage security, agility, and diligence in supporting efforts to secure and modernize the JWICS environment. This is an on-site role. Responsibilities: Virtualization and Storage Review: Conduct comprehensive security audits of hypervisor configurations and VM deployments.
Apply security hardening guidelines for VMs and hypervisors following standards such as those provided by the Center for Internet Security (CIS).
Manage and secure virtualized network functions, including virtual switches, firewalls, and routers.
Implement and monitor virtual network traffic to detect anomalies and ensure data flow integrity.
Manage resource allocation to VMs and implement role-based access control (RBAC) for hypervisor management.
Conduct patch management and vulnerability remediation for hypervisors and guest operating systems.
Design and implement disaster recovery plans for virtualized environments, including backup and replication strategies for VMs.
Securely configure virtual appliances and services running on hypervisors. Policy Review: Conduct reviews based on IC policies, including Insider Threat, Host Based Security (HBS), Vulnerability Management, Auditing, Public Key Infrastructure/Enabling (PKI/PKE), and more.
Coordinate with multiple organizations and reviewer staff to consolidate reports and validate configurations.
Conduct interviews, complete checklists, and provide input to written reports on compliance and associated risks. Technical Assessment: Interact with leadership and site technical staff to facilitate scoping, data support for security controls assessment, and execution of operational inspection plans.
Collect data to review the Threat Informed Critical Controls List (TICCL) and provide input on security controls and potential vulnerability exploitation.
Participate in planning, executing, and reporting on security audits and network vulnerability assessments with minimal supervision.
Prepare assessment deliverables, including Security Risk Assessments, compliance data, and STIG data.
Communicate the impact of vulnerabilities through presentations and written deliverables. Knowledge, Skills and Abilities Education: Bachelor's degree in Computer Science or a related technical discipline. 12 years of experience or the equivalent combination of education, professional training, or work experience.
Certification: Candidates must possess DoD 8570 IAT III level certification. Skills: At least five years of experience in system administration with Hypervisor platforms such as ESXi, Hyper-V, and Storage Area Networks (SAN).
A minimum of eight years of experience in Cyber/Information Assurance, with a comprehensive understanding of cybersecurity disciplines including the Risk Management Framework, DevSecOps, and cybersecurity engineering.
Strong understanding of vSphere, vCenter, and vSAN.
Skilled in conducting thorough security audits of hypervisor configurations and VM deployments.
Proficiency in managing and securing virtualized network functions and implementing micro-segmentation.
Experience in managing resource allocation to VMs and implementing RBAC for hypervisor management.
Knowledge in applying security hardening guidelines for VMs and hypervisors following CIS standards.
Demonstrated experience in managing patching processes for hypervisors and guest operating systems.
Skills in designing and implementing disaster recovery plans for virtualized environments. Preferred Qualifications: Experience in engineering and operations & maintenance of enterprise ESXi, Hyper-V, and Storage technologies.
Proficiency in using advanced vulnerability assessment and reporting tools such as Tenable, Splunk, and Tableau.
Demonstrated ability to operate across departments to implement cybersecurity principles effectively.
Capable of multitasking with efficient time management and possessing a comprehensive understanding of cyber threats, vulnerabilities, and network security methodologies. Join Apavo: If you are looking to make a meaningful impact in the cybersecurity world while growing professionally in a supportive, dynamic environment, Apavo is the place for you. Apply today to become a part of our dedicated team and help protect the most sensitive sectors of our society. Apavo is an Equal Opportunity Employer providing equal employment opportunities to applicants and employees without regard of race, color, sex, gender, age, religion or religious creed, national origin, ancestry, citizenship, marital status, sexual orientation, gender identity, gender expression, genetic information, physical or mental disability, military or veteran status, or any other characteristic protected by law.

<!– job description page –>