IT Security Analyst

Overview

The IT Security Analyst is responsible for implementing and enforcing information systems security policies, standards, and methodologies and assist with preparation and maintenance of documentation. Assist in the evaluation of security solutions to ensure they meet security requirements for processing classified information. Assist the ISSO on information system security software, hardware, and firmware. Maintain records on workstations, servers, routers, firewalls, intelligent hubs , network switches, etc. to include system upgrades. Propose, coordinate, implement, and enforce information systems security policies, standards, and methodologies. Develop and maintain documentation for C&A in accordance with ODNI and DoD policies. Provide documentation on security-relevant information system software, hardware, and firmware (U) Develop system security policy and ensure compliance.

 

This position performs all duties and responsibilities in accordance with the Mission, Vision, and Core Values of Cayuse.

 

Responsibilities

• Evaluate security solutions to ensure they meet security requirements for processing classified information
• Maintain operational security posture for an information system or program
• Provide support to the Information System Security Manager (ISSM) for maintaining the appropriate operational IA posture for a system, program, or enclave
• Develop and update the system security plan and other IA documentation
• Assist with the management of security aspects of the information system and perform day-to-day security operations of the system
• Administer the user identification and authentication mechanism of the Information System (IS)
• Provides support for a program, organization, system, or enclave’s information assurance program.
• Provides support for proposing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies.
• Maintains operational security posture for an information system or program to ensure information systems security policies, standards, and procedures are established and followed.
• Assists with the management of security aspects of the information system and performs day-to-day security operations of the system.
• Evaluate security solutions to ensure they meet security requirements for processing classified information.
• Performs vulnerability/risk assessment analysis to support certification and accreditation.
• Provides configuration management (CM) for information system security software, hardware, and firmware.
• Manage changes to the system and assess the security impact of those changes.
• Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).
• Supports security authorization activities in compliance with National Institute of Standards and Technology Risk Management Framework (NIST RMF).

• Other duties as assigned.

 

Qualifications

• A technical BS degree from an accredited university, or
• Certified Information Systems Security Professional (CISSP),and/or
• Certified Information Systems Auditor, and
• A minimum of 7 years of experience in performing system and application certifications and accreditations.
• Certified Authorization Professional (CAP) certification will be required within 6 months of the award, if not CISA.
• Advanced practical experience in managing all phases of systems C&A activities ranging from early concept development to system retirement.
• Expert in the processes and documentation requirements for numerous C&A methodologies.
• Knowledge of National Institute of Standards and Technology Risk Management Framework (NIST RMF).
• Strong analytical skills.
• Advanced practical experience in managing all phases of systems C&A activities ranging from early concept development to system retirement.
• Expert in the processes and documentation requirements for numerous C&A methodologies.
• Demonstrated experience supporting Government Agencies preferably the Department of State.
• Proven record of learning and adapting new technologies
• Strong attention to detail.
• Top Secret Clearance is required.
• Must be able to pass a background check. May require additional background checks as required by projects and/or clients at any time during employment.
• Time management skills and the ability to communicate effectively with both stakeholders and technical staff.
• Able to work independently with minimal supervision as well as working with a team.
• Solid oral and written communication skills that can be adapted to both the technical, and administrator level.
• Time management skills and the ability to communicate effectively with both stakeholders and technical staff.
• Able to work independently with minimal supervision as well as working with a team
• Solid oral and written communication skills that can be adapted to both the technical, and administrator level.
• Must possess problem-solving skills.
• Proficient in Microsoft and Adobe toolsets, including Excel, Word, PowerPoint, Acrobat, etc.
• Highly motivated with the ability to handle and manage multiple tasks at any one time.
• Ability to forge new relationships, individual and teaming in nature.
• Must be a Self-starter, that can work independently and as part of a team.

 

Our Commitment to you / overview of benefits

• Medical, Dental and Vision Insurance; Wellness Program.
• Flexible Spending Accounts (Healthcare, Dependent Care, Commuter).
• Short-Term and Long-Term Disability options.
• Basic Life and AD&D Insurance (Company Provided).
• Voluntary Life and AD&D options.
• 401(k) Retirement Savings Plan with matching after one year.
• Paid Time Off.

Reports to: Program Manager

 

Working Conditions

• Professional office environment.
• Must be able to be on-site in Rosslyn, VA.
• Must be physically and mentally able to perform duties extended periods of time.
• Ability to use a computer and other office productivity tools with sufficient speed to meet the demands of this position.
• Must be able to establish a productive and professional workspace.
• Must be able to sit for long periods of time looking at computer screen.
• May be asked to work a flexible schedule which may include holidays.
• May be asked to travel for business or professional development purposes.
• May be asked to work hours outside of normal business hours.

 

Other Duties: Please note this job description is not designed to cover or contain a comprehensive list of activities, duties or responsibilities that are required of the employee for this job.  Duties, responsibilities, and activities may change at any time with or without notice.

Cayuse is an Equal Opportunity Employer.  All employment decisions are based on merit, qualifications, skills, and abilities. All qualified applicants will receive consideration for employment in accordance with any applicable federal, state, or local law.

Pay Range

USD $100,000.00 - USD $140,000.00 /Yr.