Job Openings >> Security Analyst
Security Analyst
Summary
Title:Security Analyst
ID:1196
Department:Engineering
Job Type:Exempt (salaried)
Location:Rockville, MD
Description

The Security Analyst must be able to meet the key criteria below:

  1. Location: Must be onsite in Rockville, MD
  2. Years’ Experience: 3+ years
  3. Education: Bachelors
  4. Clearance: Must be able to obtain and maintain a Public Trust
  5. Work Authorization: Must be authorized to legally work in the United States
  6. Key Skills:
    • Must have experience with Appian, Salesforce, AWS, Splunk, Jenkins, IP networking, and FIPS
    • CISSP required
    • Experience with Nessus and/or Web Inspect preferred

Responsibilities

  • Will be involved in developing an ATO package for Appian and Salesforce Hybrid applications in a Federal Agency environment.
  • The candidate will respond to assessment and accreditation tasks, audit tasks and other system security tasks.
  • The candidate may act as the interface between auditors and system subject matter experts. This will require the candidate to understand the target systems to appropriately decompose inquiries to actionable items for SMEs, and then validate the SME responses.
  • The candidate will be involved in assessment of IT systems and components with enterprise class security standards and practices and identifying appropriate design and mitigation actions. This may involve using enterprise security tools (e.g. WebInspect, Fortify, Nessus) or responding to reports from those tools.
  • Activities may involve responding to real time production system issues/events or analysis of new or enhancement capabilities. This will require applying a broad system security engineering view to evaluate security controls documented in the System Security Plan (SSP).
  • The Candidate will be involved in all phases of the NIST 800 series documentation and Accreditation and Authorization process.

Qualifications

  • 3+ years of experience with Appian, Salesforce, AWS cloud
  • 3+ years of experience with Ethernet and IP networking knowledge and extensive experience in the application of IP protocols.
  • 3+ years of experience in large scale network design and implementations.
  • CISSP
  • Experience with security test tools (e.g. Nessus, Web Inspect).
  • Experience with enterprise configuration management tools (e.g. SPLUNK, SVN, SBM, Jenkins).
  • Experience with enterprise security services (e.g. IDS, log aggregation, credential management, PKI).
  • Experience with Windows administration including Active Directory.
  • Experience with Linux and/or Unix administration.
  • Experience with FDA Systems and Security Protocols.
  • Ability to recognize security risks, document risk, and clearly communicate findings and recommendations.
  • Experience supporting Incident Response events.
  • Exposure to the federal risk management framework as outlined in NIST & Deploying solutions to meet compliance requirements arising from that framework.
  • Experience with FIPS determination
  • Experience with supporting assessment of IT systems compliance with Federal IT Security standards. (NIST 800-53, FISMA, others)
  • Experience responding to security audits and compliance assessments including decomposing auditor requests to actionable items, compiling and presenting security audit artifacts.
  • Experience evaluating IT system compliance with government and commercial security practices
  • Working knowledge of Assessment and Accreditation practices.
  • Familiarity with security test tools and responding to security findings.
  • General knowledge of enterprise scale IT systems, architectures and components (networking, security appliances, servers, and virtualization) particularly the system integration challenges balancing secure operations with operational need.
  • Experience supporting multi-vendor technology solutions.

About IBR

Imagine Believe Realize, LLC (IBR) is an emerging small business focused on delivering software and systems engineering solutions to government and commercial clients. Our talent acquisition strategy is tailored to career seeking candidates who embrace continuous learning and desire to grow as a professional in the software/systems engineering industry. We strive to enhance our team members ability to thrive in the workplace by creating a proper work/life balance and first-class benefits package that includes:

  • Nationwide medical, dental, and vision insurance
  • 3 weeks of paid time off
  • 10 paid federal holidays
  • 401k matching
  • Life insurance at no cost to our employees
  • Short term disability insurance at no cost to our employees
  • Long term disability insurance at no cost to our employees
  • Health care flex spending accounts
  • Dependent care flex spending accounts
  • Training opportunities
  • Education assistance opportunities

IBR is an Equal Opportunity and Affirmative Action Employer. It is our policy to offer employment opportunity to all persons without regard to race, color, age, national origin, religion, sex, gender identity/transgender status, veteran status, disability, genetic information, pregnancy, childbirth or related medical conditions, or any other status protected under applicable federal, state, or local law.

Learn more at http://www.teamibr.com

Powered by ApplicantStack