Information Systems Security Analyst

Information System Security Analyst

Delaware Nation Industries is seeking an Information Systems Security Analyst who provides cybersecurity and information assurance support for Navy information systems supporting the Surface Combat Systems Training Command (SCSTC) and associated Naval Education and Training Command (NETC) activities. The position supports systems that enable the training of surface warfare personnel to operate, maintain, and tactically employ surface combat systems. The analyst ensures the confidentiality, integrity, and availability of information systems in compliance with Department of Defense (DoD), Navy, and NETC cybersecurity requirements.

This role is to be performed onsite in Dahlgren, Virginia.

• Provide cybersecurity analysis and protection for Navy information systems supporting SCSTC and NETC missions
• Monitor, analyze, and respond to cybersecurity threats affecting training, operational, and enterprise systems
• Identify, assess, and mitigate system, application, and network vulnerabilities
• Support Risk Management Framework (RMF) activities, including security control implementation and continuous monitoring
• Participate in enterprise incident response activities, including detection, containment, eradication, and recovery
• Analyze network traffic and system logs to identify anomalous or malicious activity
• Support intrusion detection and prevention methodologies and tools
• Implement and maintain host-based and network access control mechanisms (e.g., ACLs)
• Support vulnerability assessments and penetration testing activities
• Assist with data backup, recovery, disaster recovery, and continuity of operations planning
• Ensure system and application security throughout the system life cycle
• Support enterprise security architecture aligned with approved DoD and Navy reference models
• Ensure compliance with national and international cybersecurity laws, regulations, policies, and ethical standards
• Maintain documentation related to security controls, incidents, and risk posture

• Minimum of four (4) years of experience in cybersecurity or information security
• Strong understanding of cybersecurity principles, threats, vulnerabilities, and risk management processes
• Knowledge of encryption algorithms and secure communication protocols (e.g., IPSEC, AES, 3
  
  DES, IKE, GRE, MD5, SHA)
• Experience with incident response and handling methodologies
• Knowledge of intrusion detection techniques and network traffic analysis
• Understanding of TCP/IP networking and the OSI model
• Familiarity with common system and application security vulnerabilities (e.g., buffer overflow, cross-site scripting, SQL injection)
• Knowledge of enterprise security architecture concepts and reference models
• Understanding of current and emerging cyber threats and threat vectors
• Familiarity with national and international cybersecurity laws, regulations, and policies
• Knowledge of enterprise incident response program roles and responsibilities
• Experience supporting data protection standards (PII, PCI, PHI)

• Knowledge of computer networking concepts, protocols, and security methodologies
• Experience monitoring system performance and availability
• Familiarity with ISO and other organizational security and design standards
• Understanding of system life cycle management, including software security and usability
• Knowledge of system/server administration and systems engineering concepts
• Experience with server and client operating systems
• Familiarity with network security architecture and defense-in-depth concepts
• Knowledge of network systems management principles and tools
• Experience with system, network, and operating system hardening techniques
• Understanding of cloud computing service and deployment models (SaaS, IaaS, PaaS)
• Familiarity with cloud security strategy and architecture in DoD-approved environments

• Knowledge of information security program and project management principles
• Understanding of resource management and prioritization techniques
• Experience supporting risk assessment and mitigation activities
• Familiarity with secure acquisition practices and critical IT procurement requirements
• Knowledge of IT supply chain security and supply chain risk management
• Understanding of applicable laws, statutes, Presidential Directives, and guidelines related to cybersecurity and privacy
• Awareness of organizational risk tolerance and risk management approaches

• DoD 8570/8140 Information Assurance Technical (IAT) Level III certification (e.g., CASP+, CISSP, or equivalent as approved by DoD)

• Active DoD Secret security clearance, as required by the contract

• Covers 100% of employee benefit premiums, including Medical (PPO or HDHP Option), Vision, Dental
• Matching 401K
• Short- and Long-Term Disability
• Pet Insurance
• Professional Development/Education Reimbursement
• Parking and Transit Benefits for NY, NJ, ATL, and DC Metro areas

Please note this job description is not…