Cloud Information Secuirty Analyst (CISA)

About The Position

Requirements

• US citizen or must be authorized to work in the United States
• Must have lived in the USA for three years of the last five years
• Must be able to obtain a US federal gov badge and eligible for Public Trust clearance
• Must be able to pass a background check, including a drug test
• Bachelor's or Master's degree in Computer Science, Engineering, Information Technology, or a related discipline
• Minimum of 6 years related experience in Information Technology including 4 years in Information Security space.
• Experience in cloud environments such as AWS Commercial and GovCloud. Hands on experience with AWS monitoring and logging services.
• Demonstrated work experience with the following: computer networking, cryptography, security engineering and architecture, vulnerability assessments, or operating systems required
• Strong background in certification and accreditation process of information systems and ability to write, review and coordinate system security plans
• Possesses a working knowledge of several of the following areas is required: understanding of business security practices and procedures; knowledge of current security tools available; hardware/software security implementation; different communication protocols; encryption techniques/tools; familiarity with commercial products; and current Internet technology
• Demonstrated working knowledge of vulnerability assessment and penetration testing tools
• Understands how to assess vulnerabilities and provide recommendations regardless of first-hand knowledge of the application or system
• Experience with Government Agency Security Assessment Process in support of maintaining and/or establishing an ATO and the appropriate boundary.
• Experience with, understanding of and adherence to guidelines such as FISMA, NIST, HIPPA, and IRS Pub-1075

Nice To Haves

• Preferable experience with Salesforce or similar product platforms
• Experience and understanding of tools and platforms such as AWS, Snyk, GitHub, JIRA, Confluence is preferred.
• Industry certification such as the CISSP, CEH, GIAC, etc.
• AWS Certification

Responsibilities

• Provides support for a program, organization, system, or enclave’s information assurance program
• Provides support for maintaining security services within the AWS environment. Maintain security workloads running on AWS containers.
• Maintain security information on JIRA/Confluence and participate in agile DevSecOps practices
• Run and manage security scans with tools such as Snyk and track fixes.
• Able to manage source code for AWS infrastructure in GitHub and manage pipelines.
• Provides support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies
• Maintains operational security posture for FISMA information system or program to ensure information systems security policies, standards, and procedures are established and followed
• Responsible for implementing security tools, security tool usage, ensuring tools remain compliant and configured properly, all the while ensuring a successful program Authority To Operate (ATO)
• Assists with the management of security aspects of the information system and performs day-to-day security operations of the system
• Evaluate security solutions to ensure they meet security requirements for processing classified information
• Performs vulnerability/risk assessment analysis to support certification and accreditation
• Provides configuration management (CM) for information system security software, hardware, and firmware
• Manages changes to the system and assesses the security impact of those changes
• Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs)

Benefits

• competitive base salaries
• performance-based incentives
• spot bonuses
• referral bonuses
• top-tier benefits package to invest in your physical, mental, and financial health and wellness