Intermediate Information Security Analyst jobs in United States
cer-icon
Apply on Employer Site
company-logo

DSA ยท 5 hours ago

Intermediate Information Security Analyst

positionFairfax, VA
timeFull-time
remoteHybrid
seniorityMid, Senior Level
date5+ years exp

DSA is hiring an Intermediate Information Security Analyst to support the Environmental Protection Agency (EPA) in the DC Metro area. The role involves advising on information security initiatives, leading validation efforts, and managing compliance programs.

AerospaceInformation ServicesInformation TechnologyPublic SafetySoftware
check
Growth OpportunitiesbadNo H1BnoteU.S. Citizen Onlynote

Responsibilities

Advising stakeholders on InfoSec initiatives including compliance, awareness and training, and security operations
Leading Independent Validation and Verification (IV&V) efforts on security authorization/ATO packages to ensure compliance to agency requirements
Leveraging the existing Governance, Risk, and Compliance (GRC) tool, Telos Xacta (or an alternate like CSAM or RSA Archer), to track and reconcile findings from assessments, audits, and vulnerability scans
Coordinating government data calls (FISMA, FMFIA, BDR, etc.) and monthly reports
Assessing the effectiveness of the InfoSec and privacy training program and leading the collection, analyzing, and presentation of enterprise-level InfoSec performance metrics
Managing InfoSec Program POA&Ms, including advising on remediation efforts
Providing administrative support to Xacta (or equivalent GRC tool) users and authoring operational procedures
Working closely with senior agency security officials, system owners, information system security officers (ISSOs) and other stakeholders to advise and implement security solutions
Identifying opportunities for efficiencies in work process and innovative approaches
Participating in team problem solving efforts and offer ideas to solve client issues
Preparing and assisting in the development of policy and procedures
Conducting relevant research, data analysis, and developing reports
Preparing and assisting in the development of policy and procedures for program-level management and promoting consistency in program management best practices
Implementing processes and procedures to monitor risk across programs / projects
Preparing briefings to executive team to debrief the results of studies, analyses, and plans

Qualification

NIST 800-53 Rev 4NIST 800-37 RMFGovernanceRiskCompliance toolData analysisCybersecurity certificationPrioritize tasksCommunication skillsAttention to detail

Required

Ability to obtain a Public Trust
Bachelor's degree in Information Technology or related field and 5 years of relevant IA experience. May substitute security certification (e.g. CISSP) for 2 years of experience
Strong data analysis skills
Excellent written and verbal communication skills
Possess in-depth knowledge of applying, selecting and testing the NIST 800-53 Rev 4 security controls
Possess in-depth knowledge of NIST 800-37 Risk Management Framework
Experience with a Governance, Risk and Compliance tool (e.g., Xacta, RSA Archer, CSAM or eMASS)
Excellent attention to detail
Ability to handle and prioritize multiple tasks and deadlines
Possible travel to DC Client site/DSA office for badging/equipment

Preferred

Intermediate level cybersecurity certification (e.g., CompTIA Security+, ISC2 CGRC)
In-depth knowledge of applying, selecting and testing the NIST 800-53 Rev 5 security controls
Public Trust

Company

DSA

twittertwittertwitter
company-logo
Data Systems Analysts, Inc.
dateFounded in 1963
location
Feasterville Trevose, Pennsylvania, USA
people-size201-500 employees
web-link
https://www.dsainc.com

Funding

Current Stage
Growth Stage

Leadership Team

leader-logo
Frances Pierce
Chairman & CEO
linkedin
Company data provided by crunchbase