System Technical Security Analyst
Job Description:
• Configuration, Execution and Analysis of vulnerability scans
• Ability to interpret and assess network diagrams and drawings using Visio.
• Identify and assess Cloud System state, including vulnerabilities, RMF package status/accreditation model, PPS compliance , and patching, Cyber Security Vulnerability Assessments (CSVA) mechanisms.
• Demonstrate familiarity with current FedRAMP, DOD and NIST Security controls and technologies, including vulnerability management capabilities.
• Understand enterprise operating environments, including security posture, application environment, and associated security controls
• Understand/document information system specifications and security controls, including logical and physical diagrams, connectivity, communication, and data flow diagrams, both internal and external to the system.
• Gather information , architecture diagrams and implementation of the security controls through interfacing with the security engineering, operations and build teams
• Develop security documentation input of technical control implementation
• Understand the intent of the FedRAMP moderate security controls, FISMA security controls and communicate as needed
• Assist with the FedRAMP or FISMA authorization to include, but not limited to, prep of security engineering, build and operations teams through training and mock interviews, update implementation language in the security documentation and develop processes as required, and support FedRAMP PMO/ Agency / CISO requests
• Maintain and update a monthly Plan of Actions and Milestones (POAM), inventory and other continuous monitoring deliverables as appropriate
• Ability to respond effectively to customer’s concerns regarding ConMon activities
Requirements:
• Bachelor’s Degree in Computer Science / MIS / Information Technology, or equivalent experience in Information Security, Information Technology, or related technical discipline
• Minimum 5 years Information Technology experience
• Experience with Cloud technologies , especially AWS and Azure, desirable
• Experience with FedRAMP and/or other authorization processes and NIST risk management framework
• Execution and Analysis of vulnerability scans ; such as but not limited to: Nessus/Security Center , WebInspect, etc.
• Familiarity with Splunk to execute queries, search/review data for impact.
• Experience in developing, evaluating, and implementing information security architectures, technologies, standards, and practices to secure applications and IT systems, desirable
• Flexible, self-motivated, and able to work independently in a fast paced environment
• Excellent communication skills and the proven ability to work effectively with all levels of IT and business management.
• Skill in preparing and making written and oral presentations of complex technical nature.
• Demonstrated ability to coordinate multiple tasks
Benefits:
Apply tot his job
Apply To this Job
• Configuration, Execution and Analysis of vulnerability scans
• Ability to interpret and assess network diagrams and drawings using Visio.
• Identify and assess Cloud System state, including vulnerabilities, RMF package status/accreditation model, PPS compliance , and patching, Cyber Security Vulnerability Assessments (CSVA) mechanisms.
• Demonstrate familiarity with current FedRAMP, DOD and NIST Security controls and technologies, including vulnerability management capabilities.
• Understand enterprise operating environments, including security posture, application environment, and associated security controls
• Understand/document information system specifications and security controls, including logical and physical diagrams, connectivity, communication, and data flow diagrams, both internal and external to the system.
• Gather information , architecture diagrams and implementation of the security controls through interfacing with the security engineering, operations and build teams
• Develop security documentation input of technical control implementation
• Understand the intent of the FedRAMP moderate security controls, FISMA security controls and communicate as needed
• Assist with the FedRAMP or FISMA authorization to include, but not limited to, prep of security engineering, build and operations teams through training and mock interviews, update implementation language in the security documentation and develop processes as required, and support FedRAMP PMO/ Agency / CISO requests
• Maintain and update a monthly Plan of Actions and Milestones (POAM), inventory and other continuous monitoring deliverables as appropriate
• Ability to respond effectively to customer’s concerns regarding ConMon activities
Requirements:
• Bachelor’s Degree in Computer Science / MIS / Information Technology, or equivalent experience in Information Security, Information Technology, or related technical discipline
• Minimum 5 years Information Technology experience
• Experience with Cloud technologies , especially AWS and Azure, desirable
• Experience with FedRAMP and/or other authorization processes and NIST risk management framework
• Execution and Analysis of vulnerability scans ; such as but not limited to: Nessus/Security Center , WebInspect, etc.
• Familiarity with Splunk to execute queries, search/review data for impact.
• Experience in developing, evaluating, and implementing information security architectures, technologies, standards, and practices to secure applications and IT systems, desirable
• Flexible, self-motivated, and able to work independently in a fast paced environment
• Excellent communication skills and the proven ability to work effectively with all levels of IT and business management.
• Skill in preparing and making written and oral presentations of complex technical nature.
• Demonstrated ability to coordinate multiple tasks
Benefits:
Apply tot his job
Apply To this Job