Information Security Analyst Senior

About The Position

Requirements

• BA/BS and 3+ years of experience (additional years of experience will be considered in lieu of degree, 7+)
• Experience and training with Microsoft Server 2016/ 2019 or newer to include Active Directory, Radius, DNS and Group Policy.
• Experience and training with virtual environments (VMware, Hyper-V, etc.)
• Familiar with maintaining and operating Trellix ENS (formerly McAfee Endpoint Security) and Tenable Security Center (ACAS) scans.
• Familiar with maintaining and operating SQL server
• Experienced in applying patches/updates and STIGs.
• Possess and maintain a minimum of IAT level II certification IAW the DoW directive 8140.01Cyberspace Workforce Management (sec+, CCSP, CASP+)
• Active Secret Clearance
• US Citizenship Required

Nice To Haves

• Security Controls
• Security Policies
• Security Standards
• System Audits
• Vulnerability Assessments
• Certification and authorization of the ADCS system
• NIST continuous monitoring standards
• RMF critical security controls
• Cyber intelligence
• Trellix ENS (formerly McAfee Endpoint Security)
• Tenable Security Center (ACAS)
• SQL server
• Applying patches/updates and STIGs
• IAT level II certification
• sec+
• CCSP
• CASP+

Responsibilities

• Coordinating the scanning and identification of vulnerabilities associated with hosts connected to the network.
• Maintaining all tools that are used in the scanning and identification of vulnerabilities, as well as the tools used to rationalize, consolidate, and apply additional contextual information.
• Maintaining a cooperative relationship with Engineering and Operations teams to drive remediation efforts.
• Support the ISSM to define, create, and maintain the documentation for certification and authorization of the ADCS system in accordance with requirements.
• Assess the impacts on system modifications and technological advances.
• Manage system vulnerabilities in accordance with security requirements utilizing NIST continuous monitoring standards, RMF critical security controls and counter measures based on risk assessments of mission systems.
• Identify and assess specific emergency or priority vulnerabilities, guided by input from other elements of the team such as cyber intelligence, engineering, or operations and suggest specific remediation approaches.
• Analyze vulnerability data and assist with the prioritization and remediation of the identified vulnerabilities commensurate to risk and vulnerability management standards.
• Understand vulnerabilities, their impacts, mitigation techniques, and document and articulate this understanding to various stakeholders.
• Update and develop security standards and templates as required to meet new regulatory/audit/etc. requirements and guidance.
• Improve the efficacy and efficiency of specific VM practices across the enterprise, to include vulnerability identification/assessment/remediation.
• Leverage and enhance existing VM frameworks/policies/standards to ensure VM maintains a minimum of industry best practices.
• Coordinate collection of data and documentation in support of examinations/audits.
• Work with existing solution vendors (e.g., ACAS, HBSS) as necessary; identify potential solutions.
• Research, develop, implement, test and review information security in order to protect information and prevent unauthorized access.
• Gathering information necessary to maintain security and establish functioning external barriers such as firewalls and other security measures.
• Assess and review systems in order to identify potential security weaknesses, recommend improvements to amend vulnerabilities, implement changes and document upgrades.

Benefits

• 401K with company match
• Comprehensive health and wellness packages
• Internal mobility team dedicated to helping you own your career
• Professional growth opportunities including paid education and certifications
• Cutting-edge technology you can learn from
• Rest and recharge with paid vacation and holidays
• variety of medical plan options, some with Health Savings Accounts
• dental plan options
• a vision plan
• a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match.
• full flex work weeks where possible
• a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.
• short and long-term disability benefits
• life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available.