Senior Information Security Analyst jobs in United States
cer-icon
Apply on Employer Site
company-logo

DSA · 1 week ago

Senior Information Security Analyst

positionFairfax, VA
timeFull-time
remoteHybrid
senioritySenior Level, Lead/Staff
date8+ years exp

DSA is hiring a Senior Information Security Analyst to support the Environmental Protection Agency (EPA) in the DC Metro area. The role involves advising senior-level stakeholders on InfoSec initiatives, leading validation efforts, and managing the InfoSec program to enhance security measures.

AerospaceInformation ServicesInformation TechnologyPublic SafetySoftware
check
Growth OpportunitiesbadNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Advising senior-level stakeholders on InfoSec initiatives including compliance, awareness and training, and security operations
Leading Independent Validation and Verification (IV&V) efforts on security authorization/ATO packages to ensure compliance with agency requirements
Leveraging the existing Governance, Risk, and Compliance (GRC) tool, Telos Xacta (or an alternate like CSAM or RSA Archer), to track and reconcile findings from assessments, audits, and vulnerability scans
Coordinating government data calls (FISMA, FMFIA, BDR, etc.) and monthly reports
Assessing the effectiveness of the InfoSec and privacy training program and leading the collection, analyzing, and presentation of enterprise-level InfoSec performance metrics
Managing InfoSec Program POA&Ms, including advising on remediation efforts
Working closely with senior agency security officials, system owners, information system security officers (ISSOs) and other stakeholders to advise and implement security solutions
Identify opportunities for efficiencies in work process and innovative approaches
Participating in team problem solving efforts and offer ideas to solve client issues
Conducting relevant research, data analysis, and developing reports
Preparing and assisting in the development of policy and procedures
Implementing processes and procedures to monitor risk across programs / projects
Preparing briefings to the executive team to debrief the results of studies, analyses, and plans
Assisting the client leadership in reviewing monthly project progress, documenting issues, and monitoring resolution

Qualification

NIST 800-53 Rev 4NIST 800-37 RMFGovernanceRiskCompliance toolAdvanced cybersecurity certificationData analysis skillsPrioritize tasksCommunication skillsAttention to detailLeadership experience

Required

Ability to obtain a Public Trust
Bachelor's degree in information technology or related field and 8 years of relevant IA experience. May substitute security certification (e.g. CISSP) for 2 years of experience
3+ years in a leadership role
Strong data analysis skills
Excellent written and verbal communication skills
Possess in-depth knowledge of applying, selecting and testing the NIST 800-53 Rev 4 security controls
Possess in-depth knowledge of NIST 800-37 Risk Management Framework
Experience with a Governance, Risk and Compliance tool (e.g., Xacta, RSA Archer, CSAM or eMASS)
Excellent attention to detail
Ability to handle and prioritize multiple tasks and deadlines

Preferred

Advanced level cybersecurity certification (e.g., CompTIA CISM, ISC2 CISSP)
In-depth knowledge of applying, selecting and testing the NIST 800-53 Rev 5 security controls

Company

DSA

twittertwittertwitter
company-logo
Data Systems Analysts, Inc.
dateFounded in 1963
location
Feasterville Trevose, Pennsylvania, USA
people-size201-500 employees
web-link
https://www.dsainc.com

Funding

Current Stage
Growth Stage

Leadership Team

leader-logo
Frances Pierce
Chairman & CEO
linkedin
Company data provided by crunchbase