Previous Job
Information Security Analyst
Ref No.: 17-02195
Location: Raleigh, North Carolina
- 5-7 years' experience working in a risk management, audit, security or technical delivery role
- Bachelor or master degree in Computer Science, Computer Studies, Information Security (or equivalent combination of education and experience)
- Knowledge of the security countermeasures and overall RMF and NIST compliance regulations
- Excellent and effective communication skills
- Ability to work effectively in diverse, multi-national and virtual environments
- Self-motivated and tenacious
- Demonstrate sound judgment and integrity
The following are the primary responsibilities:
• Works closely with client to ensure operational security measures are implemented.
• Assesses and mitigates system security risks; determines and analyzes security requirements for implementation and testing.
• Reviews and continuously monitors implemented security controls.
• Creates and maintains security checklists, templates and other tools to aid in the A&A process.
• Performs security control assessment using NIST 800-53A guidance and as per continuous monitoring requirements.
• Performs risk analyses to determine and recommends essential safeguards.
• Proactively mitigates system vulnerabilities and recommends compensating controls.
• Prepares security authorization packages in accordance with the client contractual requirements.
• Develops core documents such as System Security Plan, Contingency Plan, Incident Response Plan, Standard Operating Procedures, Plan of Actions and Milestones, Remediation Plans, Configuration Management Plan, etc.
• Maintains client-specific Plan of Action and Milestones and supports remediation activities.
• Maintains an inventory of hardware and software for the information system.
• Develops, tests and trains on Contingency and Incident Response planning.
• Conducts independent scans of application, network and database and utilizes Managed Security Services Vulnerability Assessment Team (VAT) support as applicable.