|Reference # : ||20-00005
||Title : ||Intermediate Information Security Analyst|
|Experience Level : ||
||Start Date : ||01/20/2020
| Description |
|Data Systems Analysts, Inc. is searching for an Intermediate Information Security Analyst. The ideal candidate will have strong data analysis skills and be capable of utilizing, MS Access, Excel and SQL to perform said analysis. The candidate will also possess in-depth knowledge of applying, selecting and testing the NIST family of security controls. The Intermediate Information Security Analyst will be part of a small team responsible for supporting the development and maturation of an Agency-wide information security program for a large civilian Federal agency. The Intermediate Information Security Analyst will be responsible for a variety of tasks including but not limited to:|
• Maintaining a vulnerability management process for the Agency,
• Coordinating data calls (FISMA, FMFIA, BDR, etc.) and monthly reports. CyberScope experience a plus.
• Managing InfoSec Program POA&Ms,
• Auditing POA&Ms,
• Analyzing vulnerabilities, POA&Ms and other findings,
• Providing administrative support to Telos Xacta IAM and/or RSA Archer users, and
• CDM implementation and support.
The Intermediate Information Security Analyst will primarily use Agency provided tools such as Xacta (Risk Management Framework support tool), CSAM, or RSA Archer to track and reconcile findings from the system assessments, audits, and vulnerability scans. The Intermediate Information Security Analyst will work closely with senior agency security officials, system owners, information security officers and other stakeholders. Additionally, the Intermediate Information Security Analyst will support other security program functions such as audit efforts, continuous monitoring, risk management and responding to ad hoc data calls. The ideal candidate will possess a strong technical background with practical experience identifying and implementing remediation measures for system vulnerabilities and a desire to be involved in the establishing and maturing an Agency-wide information security program.
Additionally, the Intermediate Information Security Analyst may also be required to support:
• Authoring operational procedures,
• Participating in peer review of deliverables, and
• Facilitating client meetings.
• US Citizenship
• 4-years or more of relevant job experience
• Experience supporting the Federal Government
• Written and oral communication skills including the ability to communicate complex technical issues to non-technical staff
• Experience applying, analyzing and assessing information systems and security controls (NIST SP800-53, Revision 4),
• Understanding of attack vectors and methodologies
• Knowledge of and experience with applying Common Weakness Enumeration (CWE) and Common Vulnerability Scoring System (CVSS)
• Experience working with perimeter technologies (e.g., firewalls, proxies, NIDS) and vulnerability management tools
• Demonstrated ability to prioritize and manage competing work assignments in a time sensitive environment
• Ability to weigh business risks and enforce appropriate information security measures
• Strong inter-personal and communications skills
• Experience with composing professional email correspondence
• Demonstration of ability to solve problems using best practices and systematic approach
• Experience with vulnerability management, patch management and configuration management best practices
• Knowledge and understanding of system development lifecycle
• Experience working with Federal Information Security Management Act (FISMA) requirements, and National Institute of Standards and Technology (NIST) guidelines
• Bachelor's degree
• CISSP, CISM or equivalent security certification
• Working knowledge of CMMI
• Working knowledge of ITIL
Preferred Tool Experience
• Tenable Nessus
• Security Content Automation Protocol (SCAP)
• Telos Xacta IA Manager
• CDM Dashboard/RSA Archer
MUST HAVE US CITIZENSHIP ; this will be verified prior to interview. Therefore, only US Citizens can be considered for this position.
Founded in 1963, Data Systems Analysts, Inc. (DSA) has been providing Defense and Federal Government customers' business-driven Information Technology and consulting solutions and services for more than 50 years. DSA's people excel in helping our customers achieve sensitive, mission-critical business goals and objectives. DSA is a 100 percent employee-owned company: every employee has a stake in the success of our company and our customers.Our culture embraces training and development opportunities that include leadership programs, employee networks, continued education, and much more. We recognize that building expertise in your profession benefits everyone, and our leadership training programs help employees better manage their projects, inspire coworkers and customers to action, and reinforce DSA's guiding principles since 1963.
We also value the unique combination of skills, abilities, aspirations, and backgrounds of every individual — our diversity makes us stronger. We are 100 percent employee-owned through an Employee Stock Ownership Plan (ESOP).DSA employees receive customizable benefits that are highly competitive in each local market that include a Vanguard 401K. DSA provides equal employment opportunity for employees and applicants without regard to an individual's protected status; race/ethnicity, color, national origin, ancestry, sex/gender, gender identity/expression, sexual orientation, marital/parental status, pregnancy/childbirth or related condition, religion, creed, age, disability, genetic information, veteran status, or any other protected status.
DSA will provide necessary reasonable accommodation to ensure that an individual with a disability who is not able to fully utilize DSA's online job application system is provided with equal opportunity to apply and be considered for all jobs. If you need an accommodation to complete the application process, please email HR @dsainc.com or call 1-877-422-4372 .