Vacancy expired!
Data Systems Analysts, Inc. is searching for a Senior Information Security Analyst for a remote opening in the DC area. This contract supports the US Environmental Protection Agency (EPA). U.S. Citizenship and ability to obtain a public trust is required.

The ideal candidate will report directly to the program manager and have strong leadership skills and the ability to lead teams, tasks and projects of 5+ junior, mid, and senior level resources with limited supervision. The Senior Information Security Analyst will be an integral part of a team responsible for supporting the development and maturation of an Agency-wide information security (InfoSec) program for a large civilian Federal agency. The candidate should have strong data analysis skills, keen attention to detail, and the ability to handle and prioritize multiple tasks and deadlines. The candidate will serve as a subject matter expert with regard to the Risk Management Framework (RMF) and all associated information security policies and procedures and should possess in-depth knowledge of applying, selecting and testing the NIST family of security controls.

Primary Responsibilities:
- Advising senior-level stakeholders on InfoSec initiatives including compliance, awareness and training, and security operations.
- Leading Independent Validation and Verification (IV&V) efforts on security authorization/ATO packages to ensure compliance with agency requirements.
- Leveraging the existing Governance, Risk, and Compliance (GRC) tool, Telos Xacta (or an alternate like CSAM or RSA Archer), to track and reconcile findings from assessments, audits, and vulnerability scans.
- Coordinating government data calls (FISMA, FMFIA, BDR, etc.) and monthly reports. Client CyberScope experience a plus.
- Assessing the effectiveness of the InfoSec and privacy training program and leading the collection, analysis, and presentation of enterprise-level InfoSec performance metrics.
- Managing InfoSec Program POA&Ms, including advising on remediation efforts.
- Providing administrative support to Xacta (or equivalent GRC tool) users and authoring operational procedures.
- Working closely with senior agency security officials, system owners, information system security officers (ISSOs) and other stakeholders to advise and implement security solutions.
- Advising CDM implementation efforts.
- Identifying opportunities for efficiencies in work process and innovative approaches.
- Participating in team problem solving efforts and offering ideas to solve client issues.
- Conducting relevant research, data analysis, and developing reports.
- Preparing and assisting in the development of policy and procedures for program-level management and promoting consistency in program management best practices.
- Implementing processes and procedures to monitor risk across programs / projects.
- Preparing briefings to the executive team to debrief the results of studies, analyses, and plans.
- Assisting the client leadership in reviewing monthly project progress, documenting issues, and monitoring resolution.
- Leading related business development efforts, as requested.

Minimum Qualifications:
- US Citizenship.
- Bachelor's degree in Computer Science, Information Systems, Engineering, Business, or other related scientific or technical discipline is required. Four (4) additional years of experience in IA/Information Security will be an acceptable substitute for a Bachelor's degree.
- Minimum of eight (8) years of IA specialized experience, including applying, analyzing and assessing information systems and security controls (NIST SP800-53, Revision 4).
- Minimum of three (3) years in a leadership capacity and demonstrated ability to delegate work and track work products from assignment to delivery.
- Ability to work with limited supervision and meet multiple project milestones and deadlines as required by the client.
- Excellent written and oral communication skills including delivery of client-ready work products and the ability to communicate complex technical issues to senior stakeholders and non-technical staff.
- Knowledge and understanding of integrating the security lifecycle into the system development lifecycle (SDLC).
- Experience working with Federal Information Security Modernization Act (FISMA) requirements and NIST guidelines.
- Demonstrated ability to prioritize and manage competing work assignments in a time sensitive environment.
- Ability to weigh business risks and enforce appropriate information security measures.
- Keen attention to detail and the ability to solve problems using best practices and a systematic approach.

Desired Skills:

Preferred Tool Experience
- ForeScout
- BigFix
- Tenable Nessus
- Telos Xacta IA Manager (or similar tool like CSAM, RSA Archer, etc.)
- CDM Dashboard
- SharePoint
- Qlik Sense

Required/Desired Education and Certifications:
- Bachelor's degree
- Two (2) IT industry certifications, including at least one (1) advanced security certification (e.g., CISSP, CISM or equivalent).
- Interest in learning the concepts of business development and capturing new business.

MUST HAVE US CITIZENSHIP; this will be verified prior to interview. Therefore, only US Citizens can be considered for this position.

Salary and Benefits include, but are not limited to:
- The hours for this role are Full-time, Regular - Start and End times are dependent on customer requirements
- Leave benefits include Paid holidays, Vacation, Sick and Bereavement
- Retirement benefits include 401K with 20% match to employee contribution, and Employee Stock Ownership Shares provided by DSA.
- Insurance benefits include customizable Medical, Dental, Health, Company Paid Life and Disability Insurance, Health savings, Vision and Domestic Partner Coverage
- Miscellaneous benefits include Tuition assistance, 100% Paid Technical Training and Family Tuition Assistance.