Overview

Information Systems Security Analyst

www.woodcons.com

The Information Systems Security Analyst applies current technologies to the design, development, evaluation and integration of computer information systems and networks to maintain system security. May work with commercial computer product vendors in the design and evaluation of state-of-the-art secure COTS applications, operating systems, networks and database products and technology. Provides security engineering and integration services to internal customers. Involved in a wide range of issues including secure architectures, secure electronic data traffic, network security, information security and privacy. Uses encryption technology, penetration, risk management and vulnerability analysis of various security technologies and information technology security research. Develops security systems for any manual or automated systems environments.

Security Clearance Requirements:

This position requires all candidates to be U.S. Citizens and possess an Active Top Secret clearance with the ability to obtain a TS/SCI. Candidates must be able to receive DHS suitability prior to starting employment.

Responsibilities

Responsible for ensuring the protection of company data against unauthorized disclosure, accidental or intentional loss of data, or unauthorized modification. May prepare security reports.

Qualifications

Required Education & Years of Experience

• Eight (8) years of cyber security or related experience with a Bachelor's degree in Information Security, Cyber Engineering, Engineering or a related discipline is required
• A Master's degree in a related discipline may be substituted for two (2) years of experience
• Relevant experience may be considered in lieu of a degree.

Required Skills

• Ability to convey system risks/assessments/vulnerabilities to all technical levels to include administrative staff, management staff and subject matter expert technical staff
• Validate security posture for the program to ensure information systems security policies, standards, and procedures are established and followed
• Assist with the management of security aspects of the information system and perform day-to-day security risk analysis on the system
• Evaluate security posture to ensure security requirements for processing in a unclassified and classified information are being maintained
• Perform vulnerability/risk assessment analysis to support certification and accreditation Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, etc. This includes System Test and Evaluation (ST&E) and Pre and Post Deployment Security, Vulnerability and Risk (PDSV) assessments of new technological deployments in the test, preproduction, and production environments.
• Experience and/or familiarity with NIST and DHS Authorization and Accreditation (A&A)
• Experience and/or familiarity with the following network protection devices: firewalls, intrusion detection and prevention systems (IDS/IPS), log analysis, malware analysis, network traffic flow and packet analysis
• Experience and/or familiarity with Secure Technical Implementation Guides (STIGs), ISVM, DCID 6/3, Federal Information Security Management Act (FISMA) and other tools using NIST Framework
• Experience with operation and maintenance of Information Assurance Tools to including configuration and maintenance
• Acts as SME for Windows Platforms (Knowledge of LINUX/Network/Databases would be beneficial)

Desired Certifications

• CISSP, Security+, Network+, Cisco Certified Network Professional (CCNP), Cisco Certified Security Professional (CCSP) or similar certification

WOOD is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.