Security Analyst

Remote, United States

By Light Professional IT Services LLC

By Light readies warfighters and federal agencies with technology and systems engineered to connect, protect, and prepare for every next.

Company Overview

By Light Professional IT Services LLC readies warfighters and federal agencies with technology and systems engineered to connect, protect, and prepare individuals and teams for whatever comes next. Headquartered in McLean, VA, By Light supports defense, civilian, and commercial IT customers worldwide.

Position Overview

By Light is hiring a Security Specialist to join our team developing and deploying a mission critical IT system for the Department of Veterans Affairs. This position will audit environments for compliance against NIST and VA security and privacy control requirements. This role can work remotely from a home office.

Responsibilities

  • The candidate will be responsible for conducting routine audits such as user access and permissions, matrix reporting for vulnerability remediation efforts, and tracking Plan of Action and Milestones.
  • Review and update security documentation.
  • Support vulnerability management.
  • Utilize a GRC tool such as eMASS for risk management.
  • Communicate complex and technical information to non-technical staff efficiently and clearly.
  • Respond to security incidents and provide detailed incident reports.
  • Recommend security enhancements to management or senior IT staff.
  • Stay current on latest intelligence in order to anticipate security breaches.
  • Review system weaknesses and identify vulnerabilities in the system by conducting regular audits.
  • Review and track Nessus, Database, and Fortify Scan findings.
  • Be comfortable with audit, security, FISMA, ISO 27001, HIPAA, and HITECH requirements.
  • Respond to Veterans Administration program leads, National and International Program Managers to provide guidance and understanding on the priority of security and privacy requirements affecting development and acquisition programs.
  • NIST 800-37 Risk Management Framework and NIST SP 800-53 requirements analysis.

Required Experience/Qualifications

  • 4+ years of experience in managing security programs for a variety of IT products, systems and networks both small and large and complex.
  • Ability to ensure that records are maintained, security updates are promulgated, and staff are properly briefed.
  • Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
  • Experience with network architecture, topology, and protocols and familiarity with both operating systems and cloud platforms.
  • Experience in coordinating with organizational security teams to ensure program consistency and compliance with all security requirements.
  • Knowledge of organizational and agency level security requirements and ability to ensure that systems and personnel comply with these standards.
  • Must have comprehensive knowledge of the various levels of information security requirements. NIST 800-53 and Certification and Accreditation experience required.

Preferred Experience/Qualifications

  • Veterans Affairs experience preferred.
  • CISSP or similar certs preferred.
  • Use of VA's eMASS tool a very big plus.

Special Requirements/Security Clearance

  • Candidate must be able to successfully complete a background check for Tier 4 (High) public trust