SIGN IN
Journeyman Information Security Analyst (15.38) jobs in United States
cer-icon
Apply on Employer Site
company-logo

OCT Consulting LLC · 11 hours ago

Journeyman Information Security Analyst (15.38)

positionWashington, DC
timeFull-time
remoteOnsite
seniorityMid, Senior Level
money$100K/yr - $120K/yr
date5+ years exp
OCT Consulting LLC is a business management and technology consulting firm that provides support to Federal Government clients. They are seeking a Journeyman Information Security Analyst to provide subject matter expertise in executing technical Security Controls Assessments and Risk Analyses on information systems to identify risks and vulnerabilities.
ConsultingInformation TechnologyProfessional Services
badNo H1BnoteU.S. Citizen Onlynote

Responsibilities

Execute the hands-on manual technical NIST SP 800-53 security control assessments including any overlays (e.g. high value asset, artificial intelligence, critical software, FedRAMP, etc.)
Assess the impacts of new laws, regulations, policies, and guidance on client Security Assessment requirement initiatives and advise on recommended process changes. Additionally review current client policies, guidance, manuals, and supporting tools to recommend updates and improvements, and assist with the implementation of any new guidelines
Recommend process improvements and automated approaches to support testing methodologies, establishing streamlined/agile approaches for Security Controls Assessments
Maintain key assessment package templates to ensure compliance with current/emerging federal guidance and lessons learned
Execute security controls assessments and provide training to ensure Government staff understand and can perform security control assessments
Provide subject matter expertise to incorporate threat modeling & hunting into the security control assessment process, improving the Government's ability to proactively identify and mitigate risks
Identify, develop, and implement automation solutions that enhance the efficiency, accuracy, and timeliness of program operations. Evaluate current business processes, workflows, and system interactions to determine opportunities where automation—such as robotic process automation (RPA), workflow orchestration, data transformation tools, or other intelligent automation technologies—can reduce manual workload, eliminate redundancies, and improve mission outcomes

Qualification

NIST SP 800-53Security+ CECISSPCybersecurityFISMARisk Management FrameworkAutomation solutionsIncident responseCloud systemsVulnerability managementIRS Enterprise LifecycleQmulos Q-ComplianceProject managementCommunication

Required

Must be a U.S. Citizen
Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or related field
Security+ CE certification required
5 to 8 years of progressively responsible experience in information security, cyber risk management, or IT security operations
At least 3 years of hands-on experience in system security analysis, vulnerability management, or incident response within a Federal Information Systems Security or equivalent enterprise environment
Excellent presentation and verbal communication skills
Ability to create accurate written work products by following Job Aids and document templates
Ability to work under pressure and tight timelines for multiple projects with positive attitude and flexibility
Knowledge of FISMA, NIST Special Publications, OMB, Risk Management Framework (RMF), and ISCM Plan development
IT security knowledge with desired Professional Certifications from the International Information System Security Certification Consortium (ISC)2, the International Society for Automation (ISA), the Project Management Institute (PMI), CompTIA, or the SANS Institute
Knowledge and experience with technology risk assessments covering Webservices, network appliances and software
Knowledge and experience of the IRS Enterprise Lifecycle and OneSDLC
Knowledge of System Interconnections to include virtual private network (VPN) and other encryption technologies
Knowledge and experience with cloud systems, CSPs, and FedRAMP requirements
Project management experience, experience in monitoring and overseeing multiple tasks concurrently
Ability to pass a federal government background investigation; the investigation will involve a credit, fingerprint, and law enforcement agency check

Preferred

Higher-level certifications (e.g., CISSP, CISM, CEH, CAP) are highly preferred and may substituted for additional years of experience
Knowledge/experience with Qmulos Q-Compliance, SharePoint, scanning tools, ServiceNow GRC, SPLUNK is preferred

Benefits

Medical, Dental, and Vision insurance
Retirement savings 401K plan provided by an industry leading provider with 3% employer contributions of the employee's gross salary
Paid Time Off and Standard Government Holidays
Life Insurance, Short- and Long-Term disability benefits
Training Benefits

Company

OCT Consulting LLC

twittertwittertwitter
company-logo
OCT Consulting LLC is a minority-owned, Small ​Disadvantaged Business (SDB) providing professional services and information technology solutions to the Federal government and commercial clients.
dateFounded in 2013
location
Mclean, Virginia, USA
people-size51-200 employees
web-link
https://www.octconsulting.com

Funding

Current Stage
Growth Stage

Leadership Team

leader-logo
Atul Kathuria
Founder & CEO
linkedin
Company data provided by crunchbase