Apply on Employer Site

DNI (Delaware Nation Industries) · 3 weeks ago

Information Systems Security Analyst

Dahlgren, VA

Full-time

Onsite

Mid Level

4+ years exp

Delaware Nation Industries is seeking an Information Systems Security Analyst who provides cybersecurity and information assurance support for Navy information systems. The analyst ensures the confidentiality, integrity, and availability of information systems in compliance with Department of Defense (DoD), Navy, and NETC cybersecurity requirements.

Business DevelopmentConsultingInformation ServicesInformation TechnologySoftware

Growth Opportunities

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Provide cybersecurity analysis and protection for Navy information systems supporting SCSTC and NETC missions

Monitor, analyze, and respond to cybersecurity threats affecting training, operational, and enterprise systems

Identify, assess, and mitigate system, application, and network vulnerabilities

Support Risk Management Framework (RMF) activities, including security control implementation and continuous monitoring

Participate in enterprise incident response activities, including detection, containment, eradication, and recovery

Analyze network traffic and system logs to identify anomalous or malicious activity

Support intrusion detection and prevention methodologies and tools

Implement and maintain host-based and network access control mechanisms (e.g., ACLs)

Support vulnerability assessments and penetration testing activities

Assist with data backup, recovery, disaster recovery, and continuity of operations planning

Ensure system and application security throughout the system life cycle

Support enterprise security architecture aligned with approved DoD and Navy reference models

Ensure compliance with national and international cybersecurity laws, regulations, policies, and ethical standards

Maintain documentation related to security controls, incidents, and risk posture

Qualification

Cybersecurity principlesIncident responseRisk Management FrameworkEncryption algorithmsNetwork traffic analysisTCP/IP networkingSystem security vulnerabilitiesEnterprise security architectureData protection standardsResource managementSupply chain securityOrganizational risk managementCloud security strategySystem/server administrationProject managementSoft skills

Required

Minimum of four (4) years of experience in cybersecurity or information security

Strong understanding of cybersecurity principles, threats, vulnerabilities, and risk management processes

Knowledge of encryption algorithms and secure communication protocols (e.g., IPSEC, AES, 3DES, IKE, GRE, MD5, SHA)

Experience with incident response and handling methodologies

Knowledge of intrusion detection techniques and network traffic analysis

Understanding of TCP/IP networking and the OSI model

Familiarity with common system and application security vulnerabilities (e.g., buffer overflow, cross-site scripting, SQL injection)

Knowledge of enterprise security architecture concepts and reference models

Understanding of current and emerging cyber threats and threat vectors

Familiarity with national and international cybersecurity laws, regulations, and policies

Knowledge of enterprise incident response program roles and responsibilities

Experience supporting data protection standards (PII, PCI, PHI)

Knowledge of computer networking concepts, protocols, and security methodologies

Experience monitoring system performance and availability

Familiarity with ISO and other organizational security and design standards

Understanding of system life cycle management, including software security and usability

Knowledge of system/server administration and systems engineering concepts

Experience with server and client operating systems

Familiarity with network security architecture and defense-in-depth concepts

Knowledge of network systems management principles and tools

Experience with system, network, and operating system hardening techniques

Understanding of cloud computing service and deployment models (SaaS, IaaS, PaaS)

Familiarity with cloud security strategy and architecture in DoD-approved environments

Knowledge of information security program and project management principles

Understanding of resource management and prioritization techniques

Experience supporting risk assessment and mitigation activities

Familiarity with secure acquisition practices and critical IT procurement requirements

Knowledge of IT supply chain security and supply chain risk management

Understanding of applicable laws, statutes, Presidential Directives, and guidelines related to cybersecurity and privacy

Awareness of organizational risk tolerance and risk management approaches

DoD 8570/8140 Information Assurance Technical (IAT) Level III certification (e.g., CASP+, CISSP, or equivalent as approved by DoD)

Active DoD Secret security clearance, as required by the contract

Benefits

Covers 100% of employee benefit premiums, including Medical (PPO or HDHP Option), Vision, Dental

Matching 401K

Short- and Long-Term Disability

Pet Insurance

Professional Development/Education Reimbursement

Parking and Transit Benefits for NY, NJ, ATL, and DC Metro areas

Company

DNI (Delaware Nation Industries)

The DNI family consists of tribally owned companies featuring multiple HUBZone and SBA 8(a) Certified companies operating as federally recognized prime contractors providing state-of-the-art Enterprise IT services, Cybersecurity services, Research and Development, Construction, Management, and Professional services to federal and commercial clients.

Founded in 2015

Oklahoma City, Oklahoma, USA

501-1000 employees