Information Security Analyst - Washington, United States - Super Systems Inc
Description
This role is hybrid: 2x a week onsite, 3x a week remote.
The Senior Information Systems Security Analyst will support IT management with control assessment, development, and maintenance, and risk assessment and response development.
Specifically, this job requires the following:
- Develop and maintain IT security controls per NIST SP and Agency Security Policy standards.
- Consult with experts to ensure work instructions align with agency security standards.
- Conduct risk assessments for security issues and propose resolutions.
- Document and communicate control deficiencies for POA&M consideration.
- Support Continuous Security Monitoring for compliance with agency Security Policy.
- Assist in developing security policies, ensuring compliance, and updating documentation.
- Review and assess POA&M outputs, recommending additional work or closure.
- Support IT Governance, Risk, and Compliance activities, including standards management.
- Provide information for status reports, briefings, schedules, and project plans in written and oral form.
Qualifications
- One or more current Security certifications (CISSP, CISM, Security+).
- Experience serving in an information system engineer/administrator role implementing security controls.
REQUIRED SKILLS:
- A solid understanding of IT security controls, tools, and concepts.
- Experience working in a technical environment with IT platforms such as Microsoft Office 365, Azure, Cisco, Oracle, etc.
- Understanding of OMB M-22-09 and EO 1402
- Experience with NIST Risk Management and Cybersecurity Framework, FISMA, NIST 800-53, and IT control processes.
- Experience implementing security measures within information systems engineering projects.
- Knowledge of cloud security principles and best practices, particularly for major cloud platforms like AWS, Azure, or Google Cloud.
- Familiarity with GRC frameworks/tools (Archer, eMASS, CSAM) and SA&A tools (Xacta).
- Knowledge of cyberattack patterns, Tactics, Techniques, and Procedures.
- Ability to adapt security processes/tools to evolving landscapes and risk scenarios.
- Proficiency in network security principles, including firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and secure network architectures.
- Strong understanding of operating systems (e.g., Windows, Linux/Unix) and their security features and vulnerabilities.
- Knowledge of encryption protocols and techniques, such as SSL/TLS, AES, RSA, etc.
- Familiarity with security assessment tools and techniques, including vulnerability scanning, penetration testing, and ethical hacking.
- Experience with security information and event management (SIEM) systems for log analysis and threat detection.
- Fluency in spoken/written English for technical content, with strong communication skills.
- Experience producing high-quality deliverables with minimal edits, quick review, and feedback on federal security doctrine.
- Ability to thrive in a fast-paced environment, outstanding customer service skills.
- Ability to document processes, explain complex policies in simple terms.
- Familiarity with latest IT trends, security standards, excellent analytical thinking, and problem-solving skills.
Pay:
$115, $130,000.00 per year
Benefits:
- 401(k)
- Dental insurance
- Health insurance
- Paid time off
- Vision insurance
Compensation package:
- Weekly pay
- Yearly pay
Experience level:
- 7 years
Schedule:
- Monday to Friday
Education:
- Bachelor's (required)
Experience:
- information system engineer/administrator: 7 years (required)
- implementing security controls: 5 years (preferred)
- Understanding of OMB M-22-09 and EO 1402
- NIST Risk Management and
- FISMA, NIST 800-53, and IT control processes: 4 years (required)
- Working in an
- GRC frameworks (eMASS, CSAM) and SA&A tools (Xacta): 1 year (required)
- Knowledge of cyberattack patterns: 1 year (required)
- security information and event management (SIEM) systems: 3 years (required)
Security clearance:
- Confidential (preferred)
Ability to Commute:
- Washington, DC (required)
Work Location:
Hybrid remote in Washington, DC 20554