Systems Security Analyst

About The Position

Requirements

• 4+ years relevant experience
• Associate of Science Degree or Higher in Cybersecurity or related field
• 8140/DCWF Certification
• IAT II Certification
• Security Clearance: Top Secret/SCI with potential for higher read-ins.
• Knowledge of encryption algorithms (e.g., Internet Protocol Security [IPSEC], Advanced Encryption Standard [AES], Generic Routing Encapsulation [GRE], Internet Key Exchange [IKE], Message Digest Algorithm [MD5], Secure Hash Algorithm [SHA], Triple Data Encryption Standard [3DES]).
• Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
• Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]).
• Knowledge of operating systems.
• Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
• Knowledge of how system components are installed, integrated, and optimized.
• Knowledge of various types of computer architectures.
• Knowledge of network design processes, including understanding of security objectives, operational objectives, and tradeoffs.
• Knowledge of how to use network analysis tools to identify vulnerabilities.
• Skill in designing the integration of hardware and software solutions.
• Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
• Skill in developing and applying security system access controls.
• Skill in evaluating the adequacy of security designs.
• Skill in assessing security systems designs.
• Skill in assessing security controls based on cybersecurity principles and tenets.

Nice To Haves

• CSSP Infrastructure Support certification desired

Responsibilities

• Assess the effectiveness of security controls.
• Apply security policies to meet security objectives of the system.
• Assess all the configuration management (change configuration/release management) processes.
• Develop procedures and test fail-over for system operations transfer to an alternate site based on system availability requirements.
• Analyze and report organizational security posture trends.
• Analyze and report system security posture trends.
• Ensure all systems security operations and maintenance activities are properly documented and updated as necessary.
• Ensure cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
• Assess adequate access controls based on principles of least privilege and need-to-know.
• Implement security measures to resolve vulnerabilities, mitigate risks and recommend security changes to system or system components as needed.
• Implement system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation.
• Mitigate/correct security deficiencies identified during security/certification testing and/or recommend risk acceptance for the appropriate senior leader or authorized representative.
• Verify minimum security requirements are in place for all applications.
• Plan and recommend modifications or adjustments based on exercise results or system environment.
• Properly document all systems security implementation, operations and maintenance activities and update as necessary.
• Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities.
• Verify and update security documentation reflecting the application/system security design features.
• All other duties as defined by CSSP.

Benefits

• Health and Wellbeing: Health, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program
• Financial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement
• Paid Time Off: PTO and Sick Leave (starting at 20 days per year) & Holidays (10 per year), Parental Leave, Military Leave, Bereavement
• Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount Program