Senior Information Systems Security Analyst Featured

Senior Information Systems Security Analyst

• Ensure that all users have the requisite security clearances, authorization, and need-to-know, and are aware of their security responsibilities before they are granted access to the IS
• Initiate protective and corrective measures when a security incident or vulnerability is discovered
• Monitor system recovery processes and ensure the proper restoration of an IS security features
• Ensure Configuration Management (CM) for security‑relevant IS software, hardware, and firmware is documented and maintained
• Support certification activities throughout the ISSA process (previously known as Certification and Accreditation process)
• Manages ATO artifacts, documentation and provides updates within the DOJ Cyber Security Assessment Management System (CSAM)
• Ensure that system security requirements are complied with, unless waived during all phases of the system lifecycle
• Establish audit trails and ensure their review, and make them available, when required, to the Chief Information Security Officer (CISO) or the Information System Security Manager (ISSM)
• Retain audit logs in accordance with Department of Justice (DOJ) policy
• Ensure awareness and precautionary measures are exercised to prevent introduction and/or proliferation of malicious code; manage review and release of media and/or memory components
• Ensure general users and privileged users are trained in the specific knowledge needed for them to safely operate and maintain the ISs to which they have access, including general security awareness and specialized privileged user training
• Disseminate, control, and manage the issuance of user identifications and passwords for assigned ISs, and provide authorized lists to appropriate system administrators
• Develop, implement, and enforce information systems security policies

Requirements:

• This position requires a minimum security clearance, must be able to obtain a Public Trust Clearance from the Federal Government. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information.
• Possess strong communication skills; the position will be the primary interface with the client security personnel.
• Must be customer focused and possess the ability to identify issues, analyze, and interpret data and develop solutions to a variety of moderately complex technical problems.
• Bachelor's in Computer Science, Information Systems or related field and 6-8 years of demonstrated results, or equivalent experience with a concentration on C&A as it applies to the US Government.
• Prior ISSO or ISSM experience is required.
• Experience with the NIST/FISMA regulatory and compliance requirements.
• Experience with DOJ Cyber Security Assessment Management System (CSAM) or similar government management system.
• Knowledge of the federal security authorization (formerly known as Certification and Accreditation or C&A) process to include key activities and milestones required throughout each phase of the security authorization lifecycle.
• Industry-specific certifications, including one or more of the following: CISSP, CISA, CISM, SANS, CEH.
• Experience with DOJ, DISA, NSA, DSS and DoD IA standards and Certification and Accreditation (C&A) processes.
• Experience with Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Compliance Checker (SCC). Knowledge of Information Assurance Vulnerability Alerts (IAVAs).
• Ability to represent the organization as a knowledgeable resource on external projects while demonstrating a strong analytical, verbal and written communication skill set to accurately document, report, and present findings.
• Hands on IT technical experience working with networking and computing environments.
• Experience using vulnerability assessment tools/platforms such as Acunetix, Nessus, ACAS, Qualys, Nexpose, along with centralized logging and penetration testing.
• Strong experience with documenting test environments, requirements, results and POAM resolution.
• Candidates must be able to travel 10% of the time.

Rubix Solutions LLC is an EEO Employer - M/F/Disability/Protected Veteran Status

Upload Your Resume Accepted formats: .pdf, .doc, .docx