Information Security Analyst

Information Security Analyst

DecisionPoint Corporation is seeking an Information Security Analyst to join our team! This role will support the design and implementation of a comprehensive approach to securing government networks and applications while ensuring compliance with federal security and oversight requirements.

This position is fully remote.

• Provide guidance to ensure project compliance to the United States Government Baseline (USGCB) for IT Security, taking into account agency policies, default configurations and settings, IPv6 security capabilities, and any other potential IPv6 requirements.
• Provide technical expertise of computer security laws, mandates, standards and policies in accordance with the Federal Information Security Management Act (FISMA) as amended, National Institute of Standards and Technology (NIST) Special Publications (SPs), Office of Management and Budget mandates, the Department of the Treasury policies for information security requirements and Federal Risk Management Program (FedRAMP) authorization process.
• Utilize technical expertise of computer theories, principles, practices and industry standards to complete computer security related functions that include certification and accreditation of government information and telecommunications system, IT disaster recovery and business continuity planning, and risk management activities.
• Represent the project in internal and external meetings, working groups, and integrated project teams to provide IT security compliance requirements.
• Help in evaluating relevant global standards, compliance frameworks and regulations to analyze existing controls; identify areas for improvement; and design control growth.
• Participate in internal security and compliance program and track recurring controls.
• Help support customer security reviews, RFPs and external security and privacy inquiries.
• Help support internal/external audits and evidence collection.
• Document new and update existing policies, procedures, standards and resources.
• Participate in Security awareness program, train personnel on data security & privacy related processes and responsibilities.
• Participate in defining, collecting and tracking various Security Metrics Support vendor management, including vendor risk assessments and security reviews.
• Ability to prioritize in a highly dynamic work environment.

• Ability to obtain a Public Trust and EOD.
• Bachelor and three (3) years' or Master and (2) years' experience
• Three (3) years of experience working in information security or compliance, NIST, FISMA, ATO experience.
• Technical understanding of IPv6 security requirements and associated network protocols.
• Expert-level knowledge of Zscaler security solutions and their implementation in enterprise environments.
• Ability to work closely with cross-functional stakeholders
• Ability to communicate effectively, in writing and verbally, to target audiences, including customers, partners, auditors, executive management, vendors, and peers.

• Work experience with ISO 27001 compliance standard. Experience working with Security Controls across at least some of the following domains:
  Access Management, Encryption, Risk Management, Network Security, Configuration Management, Patch Management, Change Management, Awareness & training, BC/DRP, etc.
• Ability to balance risk, potential impact, resourcing, business drivers, and timelines. Advanced degree in computer science, information technology or Information security.
• Participate in defining, collecting, and tracking various Security Metrics Support vendor management, including vendor risk assessments and security reviews.
• Ability to prioritize in a highly dynamic work environment.

• EEO and Affimative Action Policy: DecisionPoint Corporation is an Equal Employment Opportunity and Affimative Action employer. It is the policy of DecisionPoint Corporation to provide equal employment opportunity in accordance with all applicable Equal Employment Opportunity /Affimative Action laws, directives and regulations to all employees and qualified applicants without regard to race, ethnicity, color, religion, national origin, sex, age, disability status, pregnancy, sexual orientation, gender identity, genetic information, protected veteran status, or any other protected status under Federal, State or Local laws.
• Pay Transparency Policy: In accordance with Presidential Executive Order 13665, DecisionPoint Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation…