Information Security Risk Analyst
About The Position
Information Security Risk Analyst The Opportunity: Work with the DoD to identify their cyber risks, comprehend relevant policies, and develop mitigation strategies. Gather technical, environmental, and personnel information from SMEs to assess the DoD threat landscape. Establish trusted relationships with clients and provide expert advice to help solve their problems. Act in an advisory capacity to ensure clients operate securely within an evolving IT environment. Develop solutions and actively engage in information security while enhancing your skills in IT and cloud computing. You Have:
Requirements
- Experience with security assessments and audits, including vulnerability scanning
- Experience in incident response and handling security breaches
- Experience with cybersecurity frameworks
- Knowledge of information security in IT threats, attacks, and vulnerabilities
- Knowledge of the DoD Risk Management Framework (RMF) and Authority to Operate (ATO) processes
- Ability to stay current with emerging cybersecurity threats and technologies
- Active TS/SCI clearance; willingness to take a polygraph exam
- HS Diploma or GED and 6+ years of experience in cybersecurity or Associate's degree and 4+ years of experience in cybersecurity or Bachelor's degree and 2+ years of experience in cybersecurity
- DoD 8140 IAT Level II Certification
Nice To Haves
- Experience with the U.S. military and DoD IT environments and regulatory compliance requirements
- Experience creating and managing security documentation such as System Security Plans (SSPs) and Plan of Action and Milestones (POA&Ms)
- Experience applying abstract security requirements such as NIST 800-53 controls to information systems
- Experience with System Information and Event Management (SIEM) tools
- Experience with eMASS or XACTA and with Agile processes
- Knowledge of enterprise environments and cloud architecture, including AWS or Azure
- Knowledge of Vulnerability Management, Configuration Management, and Data Management
- Knowledge of Windows or Linux systems
- Possession of excellent analytical, problem-solving, and communication skills to identify security risks, develop appropriate mitigation strategies, and effectively convey security concepts to both technical and non-technical stakeholders
Responsibilities
- Work with the DoD to identify their cyber risks
- Comprehend relevant policies
- Develop mitigation strategies
- Gather technical, environmental, and personnel information from SMEs to assess the DoD threat landscape
- Establish trusted relationships with clients and provide expert advice to help solve their problems
- Act in an advisory capacity to ensure clients operate securely within an evolving IT environment
- Develop solutions and actively engage in information security while enhancing your skills in IT and cloud computing
Benefits
- health
- life
- disability
- financial
- retirement benefits
- paid leave
- professional development
- tuition assistance
- work-life programs
- dependent care
- recognition awards program
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
High school or GED
