Security Analyst

PPT Solutions   •  

Annapolis Junction, MD

Industry: Professional, Scientific & Technical Services

  •  

8 - 10 years

Posted 55 days ago

This job is no longer available.

PPT Solutions is seeking a Security Analyst in Annapolis Junction, Maryland.

Description of Responsibilities for the Security Analyst:

  • Provide technical guidance on a range of specific Technology Controls and Information Security programs, policies, standards and incidents.
  • Lead risk assessment, required controls definition, control procedure appropriateness, vulnerability assessments and any other relevant areas.
  • Conduct comprehensive risk and control design assessments for an application portfolio, articulate and document impact of control gaps to the business and enterprise-wide, risk mitigation and remediation plans, remediation strategy document or provide information security solutions to address risks.
  • Provide guidance and/or lead on the development of on-going technology risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area.
  • Develop on-going Technology Risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area.
  • Proactively work with technology partners and stakeholders and service/platform owners to ensure all technology security components are integrated into the governments Enterprise Architecture, and any control gaps are addressed.
  • Adhere to, advise on, oversee, monitor, enforce enterprise frameworks and methodologies related to technology controls and information security activities.
  • Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise

Required Knowledge, Skills, and Abilities for the Security Analyst:

  • Bachelor's Degree required, Master's Degree preferred
  • At least 7 Years experience (if less than 15 years of experience, must have a Master's degree)
  • Experience in Supporting Government Information Systems Security Officer (ISSO)
  • Cyber Security Analyst Skills
  • Strong Experience with Xacta 360
  • RSA Archer - for tracking ISVMs
  • Strong working knowledge with Nessus Scans
  • Strong working knowledge with APP Scan Enterprise
  • Strong working knowledge with JAZZ
  • Strong knowledge with Oracle
  • Strong Experience with NIST Publications and the Risk Management Framework (RMF) NIST 800-37, NIST 800-53 Rev. 4, NIST 800-53A
  • Should have a strong working knowledge in writing Security Plans for Federal information systems (implemented, hybrid, inherited security controls)
  • Certified Authorization Professional (CAP) Certification strongly preferred
  • Experience managing Plans of Action and Milestones (POA&M) and Continuous monitoring
  • Drafting of Interconnection Security Agreements
  • Work will be full time, on site in Annapolis Junction, Maryland
  • Excellent communication skills (verbal & written)
  • Previous experience on application risk assessments
  • Experience with key risk indicators reporting
  • Must be a U.S. Citizen and able to pass a government background investigation
  • Travel may be required once per month

Desired Knowledge, Skills, and Abilities for the Security Analyst:

  • CISA - Certified Information Systems Auditor
  • CISSP - Certified Information systems security professional