Information System Security Analyst / Engineer to work on Cyber Security
DC firm specializing in cyber security, cloud security, risk management, critical infrastructure, and governance issues seeks to immediately hire an Information System Security Analyst / Engineer to work on Cyber Security. You will work in Rockville, MD. You will earn a top salary based on your experience, plus you will enjoy: Three (3) weeks annual paid time off. A comprehensive, company-paid medical, dental, and vision plan. A 401K plan plus company added benefit contributed annually. An Annual bonus based on performance. Educational benefits. And much, much more. You will be responsible for planning, developing, finalizing, and reviewing key deliverables in each stage of the Security Assessment & Authorization (SA&A) life cycle process. In addition, you will be: Developing security artifacts and/or standards and policies across multiple IT platforms, including: Mainframe, Client Server, and Web-based systems. Actively engaged in identifying unique system characteristics, Interviewing key organizational personnel (technical, administrative, and executive) and working with the IT Security consulting team to compose requisite documentation (security categorizations, risk assessments, contingency plans, security test & evaluation reports, vulnerability assessment reports, etc.), Mapping complex technical requirements, functionality, and capabilities to prescribed security controls, policies, and practices. Developing security artifacts and/or standards and policies across multiple IT platforms, including: Mainframe, Client Server, and Web-based systems. Understanding the capabilities associated with the security monitoring products across all IT platforms. Ensuring that the policies reflect current standards in place including FISMA and other industry standards. Monitoring compliance and conducting periodic reviews of policies. Conducting in-depth technical reviews of new and existing IT systems in order to identify the appropriate mitigation strategies required to bring these systems into compliance with established policy and industry guidelines. Providing ongoing gap analysis of current policies, practices, and procedures as they relate to established guidelines outlined by NIST, OMB, FISMA, etc. In order to be considered, you must have: A strong understanding of standards and requirements outlined by FISMA, NIST, OMB and others are required. An acknowledged industry cyber security certification such as CISSP, CISM, CISA, or CAP is desired but not required. A minimum of 4 years?? experience in the SA&A field and at least 2 years?? experience in information systems, computer science, or a related field (may be concurrent). A Bachelor??s degree in information systems, computer science, or 4 years additional equivalent experience. A NRC security clearance or be a US Citizen and able to obtain an NRC Clearance Knowledge of IT security architecture and design (firewalls, Intrusion Detection Systems, Virtual Private Networking, and virus protection technologies -- behavioral based a plus). Knowledge of LAN/WAN design and general internetworking technologies. Hands-on experience a plus. Knowledge of Windows and Unix operating systems. If you enjoy analyzing and safe-guarding systems and are able to work collaboratively with others to complete high-quality deliverables on schedule, then this career move is the one you have been seeking. Please send your resume, in complete confidentiality now for immediate consideration.