IT Security Analyst

security analyst position

IT Security Analyst

Required Clearance: Active Secret

The Security Analyst will fill one of the roles of the Enterprise Information System Security Office (ISSO) and Technical Expert in support of a Federal Agency CISO providing support by:

  • Demonstrating experience as an ISSO supporting major Federal systems/applications
  • Experience developing, tracking, and managing POA&Ms
  • Experience developing system/application Security Authorization documentation (SSP, CP, CPT, CMP, SAR)
  • Ability to perform comprehensive systems assessments to identify vulnerabilities and risks, including providing reporting on assessment results as well as risk mitigation and remediation recommendations and plans.
  • Communicate known security risks and solutions to mitigate risks to management and operational staff as needed.
  • Serve as a Security expert on application development, database design, network and/or platform projects, helping project teams comply with security requirements specified by OMB Circular A-123, FISMA and NIST Guidance.
  • Participate in network architecture reviews and develop detailed security requirements and design plans.
  • Responsible for the configuration of security controls to ensure the safety of information systems assets and to protect from unauthorized access or intentional destruction.
  • Recommend and schedule fixes, security patches, disaster recovery procedures and other required measures in the event of a security breach
  • Knowledge or experience with SharePoint, Mobile, Citrix, and Cloud Technologies
  • Keep current with emerging security trends, issues, and alerts
  • Excellent verbal and written communication skills

Preferred Skills:

  • Strong technical expertise in the understanding of network/system architecture and design
  • Understanding of scripting or programming languages as it relates to analyzing security data
  • Ability to utilize security tools (e.g. Nessus) to perform risk/vulnerability assessments
  • Ability to develop and recommend risk based decisions regarding the implementation and use of custom/commercial software/hardware products

Required Education:

  • Bachelors Degree or Higher
  • At least one IT Security Certification (e.g. Security +, CAP, CISSP, CEH, GSEC)

Required Years of Experience:

  • 5+ years