Information Security Analyst – Junior – Csia

Information Security Analyst – Junior – Csia

Requirements

• Bachelor’s Degree in Computer Science, Information Systems, Engineering, Business or other related field.
• A minimum of 5 years of working experience in information assurance, information security, or cyber security.
• Demonstrate a detailed understanding of multiple security assessment applications and the ability to create applications when those tools will not suffice for an assessment – please provide details to explain how this was met.
• Must have a minimum of 1 year of experience that demonstrates a detailed understanding of multiple security assessment applications and the ability to create applications when those tools will not suffice for an assessment – please provide details to explain how this was met.
• Must have supported an NSA approved Cross Domain Solution (CDS) Lab Based Security Assessment (LBSA) team.
• Must have a minimum of 1 year of experience in cross domain solutions (CDS), conducting hands-on security assessments, networking, Linux, virtual machines and appliances, and software/scripting development.
• Confirmation that training was conducted with CDS Raise the Bar (RTB) requirements.
• Confirmation that they were on a LDS team that conducted a Raise the Bar (RTB) – Third party confirmation via a letter from NSA is required.
• On a research and development (R&D) team created a solution that was Raise the Bar (RTB) compliant – please provide a Point of contact for Project Manager providing oversight for the R&D team.
• Must be professionally recognized cybersecurity certification in a DoD Directive 8140, specifically the OSCP or OSCE. (refer to the link : https://public.cyber.mil/cwmp/dod-approved-8570-baseline-certifications/).
• Must be a minimum of IAT Level II, IAM Level I, or IASAE Level I for the 3 CDS job categories.
• Must have an Active TOP SECRET US Government Clearance. Note: US Citizenship is required to obtain a TOP SECRET Clearance.

Responsibilities

• Responsible for ensuring that a company’s information and data are safe from threats.
• Creates and implements security policies and protocols, monitoring networks for suspicious activities, and responds to any security breaches that might occur.
• Responsible for assessing information risk and facilitating remediation of identified vulnerabilities for IT security and IT risk across the enterprise.
• Presents new and existing information security information to workforce and management, compile management reports, summary analysis, and detailed presentations to describe risk, controls, and maturity assessments, and manage and maintain a SIEM and Threat and Incident Response Program.
• Works with other functions (Legal, Compliance, ) to coordinate control requirements and control reporting.
• Compiles management reports, summary analysis, and detailed presentations to describe risk, controls, and maturity assessments.
• Manage and maintain a SIEM and Threat and Incident Response Program.
• Contribute to and assist with developing business specific risk and compliance reporting.
• Co-ordinate research initiatives on industry, technology and information security trends, approaches and tools.
• Perform co-ordination and assist with demand management responsibilities of security consulting teams.
• Define and maintain Information Security aspects of GRC tool and process requirements, selection, and deployment.
• Manage security incidents, investigations and reporting.
• Other duties as assigned.

Preferred Qualifications

• Background in working for or supporting the NSA
• Demonstrated ability in Microsoft systems (Word, Excel, PowerPoint).
• Past experience working in C5ISR an CSIA.