Senior Information Security Analyst

Goldbelt, Inc.$100K — $140K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 5+ years of relevant experience in cybersecurity roles.
  • Deep understanding of DoD Risk Management Framework.
  • Experience as an Information Assurance Officer or similar position.
  • Professional certifications (CISSP, GSLC, etc.) per DoD 8570.01 requirements.
  • Eligibility for a federal Public Trust clearance.

Responsibilities

  • Manage cybersecurity accreditation requirements in collaboration with key personnel.
  • Ensure compliance with DoDI 8500.01 and DoDI 8510.01 for information systems.
  • Track and document system configurations and conduct regular audits.
  • Schedule and oversee compliance testing and contingency planning.
  • Manage compliance actions using eMASS and Coast Guard tracking tools.
  • Conduct annual updates of system profiles in the approved repository.
  • Serve as the IAO/ISSO, advising on cybersecurity policies and emerging threats.

Benefits

  • Medical, dental, and vision insurance.
  • 401(k) plan with company matching.
  • Tax-deferred savings options.
  • Supplementary benefits.
  • Paid time off and professional development opportunities.
Full Job Description
Overview

Please note that this position is contingent upon the successful award of a contract currently under bid.

 

Summary:

The Senior Information Security Analyst is responsible for the overall cybersecurity of assigned networks and devices.  They must have intimate knowledge of federal government, Department of Defense, and U.S. Coast Guard cybersecurity requirements.

Responsibilities

Essential Job Functions:

  • Aggressively manage Cyber security accreditation requirements by working closely with the Program Manager, system administrators, database administrators and other key personnel to ensure all system accreditations remain current.
  • Ensure that all initial and recurring certification and accreditation activities are completed in accordance with DoDI 8500.01, Cyber Security, and DoDI 8510.01, Risk Management Framework (RMF) for assigned information systems, as well as maintaining compliance with the Federal Information Security Management Act (FISMA) of 2002 and other applicable directives for the assigned information systems
  • Working directly with leadership, developers, engineers, system and database administrators to track changes to the system configurations and software, conducting regular reviews, updates and maintenance of certification and accreditation plans, topology drawings, and associated documents, and uploading completed documents to eMASS.
  • Schedule, oversee and document information system compliance testing, to include weekly Assured Compliance Assessment Solution (ACAS) scans and annual execution and testing of the Contingency Plans.
  • Manage accreditation and annual compliance actions using eMASS and the U.S. Coast Guard tracking tools to ensure annual reviews, control tests and contingency plan tests are completed on schedule to comply with FSMA requirements and keep the Program Manager informed of compliance and status of ATO efforts via updates to the PM’s Drumbeat and Metrics products.
  • Conduct a continuous review of all applications and database tools that make up the family of systems to ensure all software versions are registered and approved for use by the U.S. Coast Guard.
  • Conduct an annual review and update of all parent and child system profiles in the DHS approved repository system to ensure system’s registrations are complete and accurate, and that essential waivers for Data-At-Rest (DAR) and unsupported Commercial-Off-The-Shelf (COTS) software are documented and approved by U.S. Coast Guard CIO so that accreditations are not adversely affected.
  • Serve as Information Assurance Officer (IAO)/Information Systems Security Officer (ISSO), directly advising and assisting the Program Manager, developers, engineers, system and database administrators and staff on all cyber security policy, configuration and compliance matters.
    • This includes all aspects of cyber security that may affect the system security posture, to include emerging threats published in Cyber Alerts, Communication Tasking Orders, and vulnerability alerts and bulletins issued under the Information Assurance Vulnerability Management program.
  • As IAO/ISSO, advise the team on ports, protocols and services (PPS) approved for use by the U.S. Coast Guard, and register new PPS in the U.S. Coast Guard PPS Management Registry.
  • Prior to testing, identify Security Technical Implementation Guides (STIGs) to be applied to systems under development and test, and identify appropriate vulnerability scanning tools to be used during testing, to include the ACAS and Security Content Automation Protocol (SCAP) Compliance Checker automated scanning tools.
  • The IAO/ISSO will assist during scanning and advise the team on the remediation of findings identified during testing.
  • Following testing, the IAO will collect, collate, review and validate all test results and prepare supporting documentation, reports and artifacts to support the certification and accreditation of the system. Following accreditation, the IAO/ISSO will track and manage open findings in the Risk Assessment Report until mitigated or closed.
  • Provide expert advice in support of special projects, to include the development of an automated Cross Domain Solution (CDS) for use by the program and closely coordinate actions with the U.S. Coast Guard Cross Domain Solutions Office (USCGCDSO) and the Department of Homeland Security Unified Cross Domain Management Office (UCDMO).
    • This support includes authoring and submitting detailed system documentation and architectural drawings and working closely with both USCGCDSO and UCDMO personnel to navigate through a complex and highly technical approval process.
  • On a daily and weekly basis, provide authoritative cyber security advice during Internal Review Boards and make recommendations on open Configuration Change Requests (CCRs); Application Change Requests (ACRs), Database Change Requests (DBCRs), QA Trouble Reports (QTRs), Problem Reports (PRs), and Program Trouble Reports (PTRs).
Qualifications

Necessary Skills and Knowledge:

  • Proven record of honesty and integrity in all relationships.
  • Demonstrated leadership and organizational skills.
  • Excellent interpersonal skills and a collaborative management style.
  • Excellent communication skills, both verbal and written.
  • Excellent computer skills and proficient in Excel, Word, PowerPoint, Outlook, Visio, and Access.

Minimum Qualifications:

  • Minimum of five (5) years relevant experience.
  • Detailed knowledge of DoD Risk Management Framework
  • Experience in an IAO/ISSO or Information Assurance Manager (IAM)/Information Systems Security Manager (ISSM) position.
  • Appropriate professional certifications per DoD 8570.01 (CISSP, GSLC or equivalent).
  • Must be eligible for a federal Public Trust clearance.

Preferred Qualifications:

  • Bachelors degree in cybersecurity or related degree
  • CISSP Certification

 

Pay and Benefits

The annual salary range for this position is $100,000 to $140,000.

 

At Goldbelt, we value and reward our team's dedication and hard work. We provide a competitive base salary commensurate with your qualifications and experience. As an employee, you'll enjoy a comprehensive benefits package, including medical, dental, and vision insurance, a 401(k) plan with company matching, tax-deferred savings options, supplementary benefits, paid time off, and professional development opportunities.

 

About Goldbelt, Inc.

Goldbelt, Inc. Careers

Joining Goldbelt, Inc. presents a prime opportunity to be part of a team that values innovation, leadership, and diversity. As a recognized leader in providing innovative solutions, Goldbelt, Inc. offers a variety of job opportunities that cater to professionals seeking growth and development in their careers.

Explore Career Opportunities

Goldbelt, Inc. is actively hiring and offers a range of positions that suit different skills and career aspirations. From internships that provide real-world experience to full-time positions that challenge and expand professional capabilities, Goldbelt, Inc. ensures that every team member can find a path that suits their career goals.

Professional Growth and Development

Goldbelt, Inc. is committed to the professional growth of its employees. With comprehensive training programs and leadership development opportunities, employees are equipped to take on leadership roles within the company. The emphasis on continuous learning and development ensures that every employee has the tools needed to succeed and innovate within their field.

Diversity and Inclusion

At Goldbelt, Inc., diversity is more than just a buzzword. The company fosters an inclusive culture where diverse perspectives are valued and contribute to the company's success. Diversity training programs are integral, ensuring that all team members understand and appreciate the strength that lies in differences.

Benefits and Culture

The benefits at Goldbelt, Inc. go beyond standard employment perks. Employees enjoy a supportive culture that promotes work-life balance, alongside benefits that cater to both personal and professional needs. This supportive environment ensures that employees feel valued and motivated to contribute their best work.

Networking and Career Advancement

Goldbelt, Inc. encourages networking within the industry, providing employees with numerous opportunities to connect with peers and leaders who can influence their career trajectory. These connections are vital for professional development and can lead to new opportunities within the company.

Applying for a Position

To apply for a position at Goldbelt, Inc., candidates are encouraged to submit a resume that highlights relevant experience and skills. The interview process is designed to assess not only professional qualifications but also a candidate's fit within the company culture and their potential to contribute to the team’s success.

Stay Connected with Goldbelt, Inc. Careers

Interested candidates can stay updated on new job opportunities and company news by subscribing to job alert emails. This personalized subscription keeps potential applicants informed about positions that match their skills and career interests.

Join Goldbelt, Inc.

Explore the career opportunities at Goldbelt, Inc. and discover how joining this team can enhance professional skills, foster personal growth, and provide a rewarding career path in a dynamic and supportive environment.

SEARCH GOLDBELT JOBS

READ CAREERS BLOG

Learn more about Goldbelt, Inc.

Similar Jobs

More Jobs at Goldbelt, Inc.

More Information Technology Jobs

Find similar Senior Information Security Analyst jobs: