Junior IT Security Analyst

Summary

A premier software, research, and consulting firm in the field of industrial-organizational psychology, PDRI designs, develops and implements human resource solutions that incorporate the most recent advances in the behavioral sciences and adhere to the highest principles of professional practice.

The Junior Security Analyst will report to PDRI’s Information System Security Officer (ISSO) and will perform a variety of IT security and compliance tasks in support of our software systems.  These will help maintain and enhance our security certifications, authorizations to operate (ATOs), and general IT security posture.

Primary Responsibilities

• Develop and maintain security plans, policies and procedures.
• Track POA&Ms and other security findings to closure
• Prepare and update security authorization and compliance packages related to FedRAMP, FISMA, SOC 2, ISO 27001/27701, GDPR
• Perform vulnerability scans of IT systems using automated tools
• Supports 3rd party security and compliance assessments
• Ensure information systems are operated, maintained, and disposed of in accordance with PDRI’s security policies and practices
• Review, track, and conduct Information Security training

Knowledge and Skill Requirements

• US Citizenship with ability to obtain and maintain a security clearance
• Bachelor’s degree in Information Systems, Computer Science, Cybersecurity, or a related field
• Operational knowledge of Windows-based server management and workstation computing solutions
• Familiarity with Linux operating systems
• High degree of competency in Microsoft desktop applications: Teams, Excel, Outlook, Word etc.
• Must be able to work in a team and independently, demonstrate effective verbal and written communication, learn quickly, solve problems and be professional.
• Excellent interpersonal, management, and oral and written communication skills
• Knowledge of information security principles.
• Basic understanding of network protocols and technologies.

Preferred Skills and Qualifications

• Experience with FedRAMP, FISMA, GDPR, ISO 27001/27701, SOC 2, and/or other mainstream security and compliance standards
• Operational knowledge of Amazon Web Services, Azure, and/or other cloud hosting platforms
• Cybersecurity certification, such as COMPTIA Security+.
• Familiarity with cybersecurity tools and technologies (e.g., Splunk, Burp Suite, Nessus).
• Knowledge of relevant security standards and regulations (e.g., NIST, ISO). 
• Familiarity with NIST publications, such as, SP 800-37, 800-53, and 800-171.
• Proficiency in security risk assessment and management.
• Knowledge of incident response procedures.

PDRI is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.

PDRI is a federal contractor employer, US Citizenship is required.