Information Systems Security Analyst jobs in United States
cer-icon
Apply on Employer Site
company-logo

OBSIDIAN #TheNewAlternative ยท 3 weeks ago

Information Systems Security Analyst

positionDahlgren, VA
timeFull-time
remoteOnsite
seniorityMid Level
date4+ years exp

Obsidian Solutions Group LLC is seeking a highly skilled Information Systems Security Analyst to provide comprehensive cybersecurity support for critical government systems and networks. The role involves implementing security controls, conducting risk assessments, and ensuring compliance with federal cybersecurity standards and regulations.

AnalyticsBusiness DevelopmentHealth Care
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Apply cybersecurity principles, threat analysis, vulnerability assessment, and risk management processes to protect government information systems
Implement and manage encryption algorithms including IPSEC, AES, GRE, IKE, MD5, SHA, and 3DES
Develop and maintain data backup and recovery procedures and disaster recovery/continuity of operations plans
Configure and manage host/network access control mechanisms including Access Control Lists (ACLs)
Conduct incident response and handling activities following established methodologies
Perform intrusion detection, network traffic analysis, and security monitoring
Analyze system and application security threats and vulnerabilities including buffer overflow, cross-site scripting, and SQL injection attacks
Design and implement security architecture using enterprise architecture reference models
Ensure compliance with national and international cybersecurity laws, regulations, policies, and ethics standards
Monitor current and emerging threats and threat vectors to proactively defend against attacks
Conduct penetration testing using industry-standard principles, tools, and techniques
Perform system administration, network hardening, and operating system security configuration
Implement and manage cloud security controls for SaaS, IaaS, and PaaS environments
Protect sensitive data including PII, PCI, and PHI in accordance with data security standards
Support information security program management and risk management processes
Participate in secure acquisitions and IT supply chain security activities

Qualification

Cybersecurity principlesIncident responseEncryption algorithmsNetwork security architectureRisk managementData backupRecoveryThreat analysisPenetration testingNetwork protocolsSoft skills

Required

Four (4) years of experience in Cybersecurity
Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field required
DOD 8570 IAT II certifications required (Security+ or equivalent)
Active Secret, Top Secret, or TS/SCI clearance required
Expert knowledge of cybersecurity principles, threats, vulnerabilities, and risk management processes
Proficiency with encryption algorithms (IPSEC, AES, GRE, IKE, MD5, SHA, 3DES)
Experience with data backup and recovery concepts, tools, and disaster recovery planning
Strong knowledge of host/network access control mechanisms (ACLs)
Experience with incident response and handling methodologies
Proficiency in intrusion detection methodologies and network traffic analysis methods
Expert knowledge of network protocols (TCP/IP, OSI model)
Experience identifying and mitigating system and application security threats (buffer overflow, cross-site scripting, SQL injection)
Knowledge of security architecture concepts and enterprise architecture reference models
Understanding of national and international cybersecurity laws, regulations, policies, and ethics
Knowledge of current and emerging threats, threat vectors, and enterprise incident response programs
Experience with penetration testing principles, tools, and techniques
Strong computer networking knowledge including protocols and security methodologies
Experience with system performance and availability monitoring
Knowledge of system software and organizational design standards (ISO guidelines)
Understanding of system life cycle management principles including software security and usability
Experience with system/server administration and systems engineering concepts
Proficiency with server and client operating systems
Knowledge of network security architecture concepts (topology, protocols, defense-in-depth)
Experience with network systems management principles and tools
Proficiency in system administration, network, and operating system hardening techniques
Knowledge of cloud computing service and deployment models (SaaS, IaaS, PaaS)
Experience with cloud security strategy and architecture
Understanding of data security standards (PII, PCI, PHI)
Knowledge of information security program management and project management principles
Understanding of resource management principles and risk management processes
Experience with secure acquisitions, procurement, and supply chain risk management
Knowledge of IT supply chain security and risk management
Understanding of applicable laws, statutes, Presidential Directives, and guidelines related to cybersecurity and privacy
Knowledge of organizational risk tolerance and risk management approaches
Understanding of critical IT procurement requirements

Benefits

Exceptional benefits that protect the well-being of our employees, their spouses and domestic partners, and their families

Company

OBSIDIAN #TheNewAlternative

twittertwittertwitter
company-logo
We help healthcare providers gain access to #TheAlternative analytics and business solution platform.
dateFounded in 2012
location
Raleigh, North Carolina, USA
people-size11-50 employees
web-link
https://obsidiansolutions.com

Funding

Current Stage
Early Stage
Company data provided by crunchbase