Information Technology Security Analyst

Responsibilities

 

We are Hiring! We are looking for a qualified Information Security Analyst to join our CDC Program in Atlanta GA.  The qualified applicants will provide IT Security Risk and Compliance support to various international and domestic CDC information systems and serve as an IT Security support resource to system stakeholders on matters related to regulatory compliance, security controls, threats and vulnerabilities.

 

What you will do:

• Develop and maintain a solid working knowledge of CDC, HHS, and Federal cybersecurity and privacy regulations, policies, laws, and requirements
• Work extensively with multiple senior-level stakeholders (system owners, mission leads, IT Governance, and the Information Systems Security Officer (ISSO)) in the conduct of system compliance and protection activities covering both domestic and international projects
• Work with mission / technical teams to perform security analysis on in-development technical solutions and provide security compliance and guidance input as required
• Formally evaluate systems (either in development or in production) for compliance with Federal security requirements and develop corresponding documentation to align with the risk management framework (RMF)
• Assist system owners with identifying and utilizing relevant enterprise shared services and solutions to enable compliance and security activities
• Develop Security Assessment & Authorization (SA&A) packages and manage the end-to-end SA&A process for assigned systems including development of NIST-compliant System Security Plans, Rules of Behavior, Continuity of Operations and Disaster Recovery Plans, Risk Assessments, Interconnection Security Agreements, Incident Response Plans, Privacy Impact Assessments, Data Sharing / Use Agreements, etc.
• Develop and maintain system risk assessments and, as/if needed, remediation and Plan of Actions & Milestones (POA&Ms)
• Following formal approval, maintain system authorizations through proactive monitoring of system compliance, formal change management, corrective actions, and package updates throughout the system development lifecycle (SDLC)
• Perform technical IT system security/vulnerability assessments using provided tools – interpret results and manage remediations as needed
• Support various other security-related activities including facilitation of change control processes and data call responses; management of encrypted / secure data storage devices; and the evaluation, justification, and management of software and third party website approvals
• Some level of remote work and schedule flexibility (due to international project teams) is anticipated and will be determined on a case-by-case basis. No on-call requirements
• Overseas travel may be required (3-5 trips per year)

Qualifications

Required  Qualifications:

• Bachelor’s degree and 8 years of experience. Additional 4 years of experience may be accepted in lieu of the degree
• Knowledge of computer operating systems and networks, component architectures, application development, and/or data management processes and technologies – the successful candidate must understand the fundamental technical components, processes, and interactions of enterprise-level information systems
• Experience with fundamental information security concepts and processes such as risk assessment and mitigation strategies, security control techniques and technologies, assessment and evaluation methods, and user access control methodologies
• Excellent analytic skills – the successful candidate must be able to receive information, digest it, and apply standards and requirements to that information and in order to produce a clear and effective evaluation / assessment
• Demonstrated facility with technical documentation
• Demonstrated problem-solving capability
• Ability to effectively manage time, and prioritize and execute tasks in a high-pressure environment
• Must be able to work independently and within deadlines
• Must be able to pass required Federal background screening / security check including basic and expanded investigations
• One or more industry certifications including CISSP, CAP, SANS GIAC Certifications, IAT or IAM Level I-III, or NSA’s IAM/IEM
• Desire and ability to quickly obtain industry certifications if needed
• Must be a US Citizen
• Must be able  to obtain and maintain the required Agency Clearance 

Preferred Qualifications:

• 3 or more years’ experience with Federal Security Assessment & Authorization processes / methodologies
• Experience with industry standard security / vulnerability assessment tools
• Security policy development and process implementation experience in Federal agencies - CDC / HHS preferred
• Government and/or CDC experience
• International experience, especially in a health-related field
• US DoD security clearance

Benefits:

 

 At Peraton, our benefits are designed to help keep you at your best beyond the work you do with us daily. We’re fully committed to the growth of our employees. From fully comprehensive medical plans to tuition reimbursement, tuition assistance, and fertility treatment, we are there to support you all the way.

 

#LI-ET1

Peraton Overview

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

Target Salary Range

$80,000 - $128,000. This represents the typical salary range for this position based on experience and other factors.

EEO

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.