||Senior Information Security Analyst
||On client site in Springfield, VA
Lunarline, Inc. is hiring a Senior Information Security Analyst. We are looking for an enthusiastic professional with a minimum of five (5) years of experience in analyzing computer security at large firms, conducting gap analysis, identifying and alleviating potential loopholes, and conducting Security Assessment and Authorizations.
Duties and Responsibilities:
Skills and Qualifications:
- Analyze the client system security.
- Conduct gap analysis.
- Determine enterprise information security standards.
- Assess the effectiveness of the agency’s information security and privacy policies, procedures, and practices.
- Evaluate the effectiveness of agencies’ information security and privacy programs and practices in accordance with FISMA and other regulations organized around the five information security functions outlined in the National Institute of Standards and Technology’s (NIST) Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework): Identify, Protect, Detect, Respond, and Recover.
- Minimum of 5 years’ experience in assessments, scanning, and consulting.
- Ability to use scanning tools for vulnerabilities and weaknesses.
- Expert-level knowledge of FISMA, NIST RMF, and NIST SP 800-series publications.
- Exposure to Software Development Lifecycle (SDLC) and related terminology as it relates to Information Security/Information Assurance.
- Self-motivated and able to work in an independent manner or as part of a team.
- Able to write and talk about technical security issues in a clear, concise manner.
- Exceptional organizational and planning skills.
- Able to work in a fast-paced, deadline-driven environment.
- Security Center, Nessus Log Correlation Engine, CIS Benchmarks, Web Inspect Vulnerability Scans or SolarWinds LEM, Burp Suite.
- Bachelor’s degree in Computer Sciences, Information Systems, Mathematics, Engineering (Electrical, Computer, Mechanical) or related field.
- The following certifications (more than one is required): CCNA Security, CySA+, GICSP, GSEC, Security+ CE, or SSCP.
- The following certifications (more than one is preferred): Lunarline, Inc. School of Cybersecurity “Certified Expert” certifications.