Information Security Analyst

Information Security Analyst

09 Nov 2024
District of Columbia, Washington, 20001 Washington USA

Information Security Analyst

SummaryCome join a company that strives for Extraordinary People and Exceptional Performance ! Eagle One Solutions, Inc., a Chenega Professional Services ’ company, is looking for a Information Security Analyst to support a large federal IT organization. The ISA will provide information security expertise in support of the Information System Owner (ISO), including planning and execution of security processes within the Systems Engineering Life Cycle (SELC), preparing SELC security documents, ensuring appropriate security controls are applied, providing continuous monitoring during operations, and reviewing and providing recommendations for security policy. This is a highly visible position and will require a self-motivated, well-versed, and knowledgeable candidate to support the organization.Our company offers employees the opportunity to join a team where there is a robust employee benefits program, management engagement, quality leadership, an atmosphere of teamwork, recognition for performance, and promotion opportunities. We actively strive to channel our highly engaged employee’s knowledge, critical thinking, innovative solutions for our clients.Responsibilities

Lead efforts to research and analyze emerging information security vulnerabilities and threats. Collaborate with external organizations within the intelligence community and share findings with the enterprise.

Assist the ISO in monitoring the security posture and vulnerability landscape of multiple systems. Report findings to the Information System Security Officer (ISSO) for necessary remediation.

Serve as a domain expert and improve vulnerability management, security configuration assessment, and penetration testing programs.

Support the ISO in planning and executing SELC processes, ensuring that appropriate security controls are applied, and perform continuous monitoring.

Ensure the procedures are followed to safeguard computer files against unauthorized modifications, destruction, or disclosure, and to meet emergency data processing needs.

Assist with the preparation and renewal of Authorization to Operate (ATO) packages and monitor, track, and control Plan of Action and Milestones (POAMs).

Review violations of IT security procedures, providing recommendations for corrective actions.

Assist in drafting computer security policies, procedures, and emergency measures, ensuring they are current and effective.

Monitor the use of data files and report findings to the ISO and ISSO to safeguard information integrity.

Coordinate the implementation of computer system plans with internal personnel and external vendors.

Qualifications

5 years of relevant federal work experience.

Bachelor’s degree in information technology or related field.

Possess valid and current IAM III certification; ISACA Certified Information Security Manager (CISM) preferred.

Experience in Federal Risk Management Framework (RMF), FISMA, NIST, and Zero Trust Architecture (ZTA).

Participated in a DoD, Command Cyber Readiness Inspection (CCRI).

Experience in DISA Security Technical Implementation Guidance (STIG) implementation.

Experience in DISA ACAS scanning.

Experience in remediation of DISA cybersecurity findings.

Excellent written and verbal communication with a commitment to high-quality output.

Ability to obtain a Public Trust clearance and higher-level clearance as required.

Knowledge, Skills and Abilities:

Detail-oriented, highly organized, and the ability to work efficiently and effectively with others.

Self-motivated and proactive, both with respect to managing workload and own professional development.

People oriented, with the ability to remain objective and communicate well with a range of personalities and audiences.

Strong written and verbal communication skills.

Effective communicator in a wide range of audiences and personality types.

Strategic-oriented, always looking for opportunities for the customer to streamline, gain efficiencies.

Understanding of Agile/SAFe methodologies, Software Development Life Cycle (SDLC) or (SELC) processes, and security vulnerability remediation process.

Computer skills to include but not limited to, skills in operating Microsoft Office software, with emphasis on Word, OneDrive, SharePoint, Excel, Power Point, and Visio; network monitoring, network security, and transaction security.

Final salary determination based on skill-set, qualifications, and approved funding.Many of our jobs come with great benefits – Some offerings are dependent upon the role, work schedule, or location, and may include the following:Paid Time OffPTO / Vacation – 5.67 hours accrued per pay period / 136 hours accrued annuallyPaid Holidays - 11California residents receive an additional 24 hours of sick leave a yearHealth & WellnessMedicalDentalVisionPrescriptionEmployee Assistance ProgramShort- & Long-Term DisabilityLife and AD&D InsuranceSpending AccountFlexible Spending AccountHealth Savings AccountHealth Reimbursement AccountDependent Care Spending AccountCommuter BenefitsRetirement401k / 401aVoluntary BenefitsHospital IndemnityCritical IllnessAccident InsurancePet InsuranceLegal InsuranceID Theft ProtectionTeleworking DetailsOnsite 2-3 days a weekEstimated Salary/WageUSD $115,000.00/Yr. Up to USD $140,000.00/Yr.Chenega Corporation and family of companies is an EOE.Equal Opportunity Employer/Veterans/DisabledNative preference under PL 93-638.We participate in the E-Verify Employment Verification Program

Related jobs

  • Summary This position is located in the IT Security Operations and Monitoring Division within the Office of Technology, Services, and Innovation (TSI). The selectee reports to the Division Director and provides technical expertise to protect the availability, integrity, and confidentiality of agency information that is stored or processed on computing systems managed by TSI on behalf of the agency. Position is Local Remote Work Eligible. Please see Additional Information for more details. Responsibilities As an IT Cybersecurity Specialist (Information Security), you will be responsible for duties to include, but are not limited to: Serves as senior member of core Computer Incident Response Team (CIRT) to address security incidents, investigations, and resolution. Serves as a member of the IT Security Operations Center (SOC) to lead or assist in \"search and destroy\" tasks, event and alert configuration and monitoring, and reporting on operations and findings. Installs, maintains, and administrates security tools in an enterprise with cloud-based and on-premises systems. Conducts and supports investigations. Analyzes events and alerts from agency systems and networks to identify suspicious activity for potential incidents. This may include investigating activities that indicate data loss, data mishandling, account compromise, etc. This could concern PII, criminal or policy violations, phishing, etc. Investigation may involve the analysis of system logs, security tools, file stores, email or other messaging, etc. Ensure the safety of information systems assets and to protect systems and data from intentional or inadvertent access or destruction, while preserving, and where possible, enhancing information system usability. Participates in strategic planning to ensure that USAGM\'s enterprise networks have the appropriate tools and employs the correct techniques to thwart an increasing cyber-crime and cyber espionage threat. Supports the development and deployment of the agency\'s IT Security Awareness Training Program. This may come in the form of reviewing curriculum, making suggestions based on predictions and observed trends, and supporting digital security training/briefs for travelers going to high threat locations. May also include participating in briefing staff onboarding into the agency. May serve as Contracting Officer\'s Representative; required to obtain and maintain COR level 1 to manage and oversee contracts. Evaluates contractor performed services on behalf of USAGM, verifies materials delivered, and approves contractor invoices for payment. Assists with engagement of other agencies such as partial details to joint task forces relevant to USAGM and IT security operations while bringing information back to IT Security Operations on latest trends and threats. Requirements Conditions of Employment Qualifications Applicants applying for the GS-14 grade level must meet the following requirements: Have IT-related experience demonstrating EACH of the four competencies AND one year of specialized experience equivalent to the GS-13 level in the Federal service as described below. COMPETENCY REQUIREMENTS: Attention to Detail - Is thorough when performing work and conscientious about attending to detail. This skill may be demonstrated by assignments actively finding and addressing cybersecurity threats. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. This skill is generally demonstrated by assignments where the applicant is the point of contact for resolving customer IT issues and ensuring their satisfaction. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. This skill is generally demonstrated by assignments where the applicant serves on panels, committees, or task forces as a representative for the organization on technical or professional issues Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. This skill is generally demonstrated by assignments where the applicant troubleshoots complex IT issues and finds effective solutions. SPECIALIZED EXPERIENCE REQUIREMENTS Applicants must have a minimum of one year of specialized experience at a level of difficulty and responsibility comparable to the GS-13 or comparable pay band in the Federal service or equivalent experience in the private sector. Specialized Experience is experience that has equipped the applicant with the knowledge, skills and abilities to successfully perform the duties of the position and includes all of the following: Detecting, analyzing, and responding to IT security threats; Integrating new tools, tactics, and technologies into incident detection and response workflows; and Developing IT security procedures and recommendations to respond to IT security incidents. NOTE: Applicants must ensure their resumes reflect their experience with all of the above specialized experience criteria. Education Education is not required for this grade level. It cannot be used for qualification purposes. Additional Information Local Remote Work Possible: The selectee of this position can request a remote work agreement for a home duty station within the Washington-Baltimore-Arlington, DC-MD-VA-WV-PA pay locality area. This position does have occasional, irregular on-site responsibilities that require reporting to Washington, D.C. so home duty stations outside the Washington DC local commuting area will not be considered through this announcement. USAGM is committed to fostering a diverse and inclusive work environment. To build and retain a workforce that reflects the diverse experiences and perspectives of the American people, we welcome applicants from the many communities, identities, races, ethnicities, backgrounds, abilities, religions, and cultures of the United States who share our commitment to public service. Applicants must meet all qualification requirements by closing date of the announcement to be considered. 1. If you are a male applicant who was born after 12/31/59 and are required to register under the Military Selective Service Act, the Defense Authorization Act of 1986 requires that you be registered or you are not eligible for appointment in this agency. For Military Selective Service Act requirement information, please visit Selective Service 2. Your application to this vacancy announcement will only allow consideration for this announcement. We cannot electronically or manually move your application to corresponding announcements, if applicable. 3. Additional vacancies not reflected in the announcement that occur after the opening date of the vacancy announcement for position(s) identical (same grade, series and title) to the original vacancy may be filled from the selection certificate during the validity of the certificate. 4. Budgetary conditions may delay or otherwise affect filling this vacancy. However, all interested candidates should apply now.

  • Sr. Industrial Security Analyst at SpaceX

  • At Accenture Federal Services, nothing matters more than helping the US federal government make the nation stronger and safer and life better for people. Our 13,000+ people are united in a shared purpose to pursue the limitless potential of technology and ingenuity for clients across defense, national security, public safety, civilian, and military health organizations.

  • Job Number 24177707

  • SGI Global is seeking a Security Analyst to support the U.S. Government Publishing Office (GPO). The Security Analyst will play a pivotal role in protecting the integrity and confidentiality of classified information, adhering to established legal and policy frameworks.

  • Immigration sponsorship is not available for this position

  • Req ID: RQ185238

Job Details

Jocancy Online Job Portal by jobSearchi.