12 Jun
Information Security Analyst Junior Technical and Functional
Vacancy expired!
- Plan and implement security measures to protect computer systems, networks, and data.
- Prevent loss and service interruptions by researching new technologies that will effectively protect a network.
- Author project FISMA authorization packages.
- Develop and maintain Standard Platform Configurations for on premises, AWS, and Azure systems.
- Conduct forensic analysis and investigation of incidents and/or data issues.
- Perform threat and vulnerability assessments, in some cases followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities.
- Create, collect information, and maintain Client's security assessment Evidence Library.
- Analyze and review program efforts relative to analysis and design, software quality assurance (QA), and security requirements management of client initiatives.
- Provide security related technical support in assisting during the development of release/build scope plans, risk management, and schedules to maintain compliance with the client software development process.
- Help during the development of user acceptance testing procedures to ensure security controls performed as intended in a production environment prior to deployment.Formulate recommendations to resolve problems impacting the quality and effectiveness of security controls in software development projects.
- Deliver or facilitate training for secure software coding practices to software developers.
- Maintain network security diagrams.
- Participate in information security working groups.
- A bachelor's degree, preferably in an IT related field is required.
- Knowledge and experience with FISMA and the NIST Risk Management Framework are needed for this job.
- This position requires strong interpersonal skills as there is interaction with people and it is technical as well, so it requires both skills.
- Candidates should have excellent verbal and written communication skills, ability to work well under minimal supervision and work in a team-oriented environment.
- Must be able to gather requirements from non-technical staff and translate that information into technical documentation to be used by developers and engineers.
- Must have strong analytical and problem-solving skills to enable effective security incident and problem resolution is essential.
- At least one IT security certification is highly preferred (Security+, Certified Information Systems Security Professional (CISSP), GIAC Security Essentials (GSEC), Systems Security Certified Practitioner (SSCP), Certified Information Security Manager (CISM), and Certified Information Systems Auditor (CISA)).
- Experience testing system security controls and determining security compliance with requirements.
- Familiarity with the software development lifecycle processes.
- Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management.
- Experience in developing, documenting, and maintaining security procedures.
Vacancy expired!