Security Analyst

Location: Open, United States
Date Posted: 06-28-2017
We are looking for an enthusiastic professional with 5+ years of hands-on experience in performing and/or participating in DoD, NIST, and/or FedRAMP Assessments. If mutually agreeable, the candidate will also be part of Lunarline’s School of Cybersecurity Instructors staff and may teach multiple courses in alignment with areas of expertise. 

Primary responsibilities may include:
  • Develop and assess cybersecurity documentation for client information systems in accordance with FISMA, NIST RMF, FedRAMP, and departmental requirements.
  • Participate in continuous monitoring activities.
  • Assist or lead technical assessments using standard industry tools such as Nessus, AppDetective (now called DB Protect), WebInspect, Qualys, ACAS (DoD), and others.
  • Teach RMF and other cybersecurity professional courses. Must understand processes and material sufficiently enough to clearly articulate and facilitate knowledge transfer to students.
  • Identify and mitigate risks throughout assessment.
  • Participate in and lead compliance related discussions (this includes in-depth understanding of security control requirements).
  • Perform vulnerability scanning, penetration testing, network device testing and remediation.
  • May conduct root cause analysis, forensic evaluation, and malware analysis.
  • Work with clients to resolve concerns and explain how compliance is achieved.
  • Coordinate the day-to-day activities required to deliver a project on time and within budget.
  • Attend and participate in regular project meetings; deliver succinct and accurate status updates.
  • Understand privacy laws and regulations and how to apply them.
  • Understand the process of completing Privacy Threshold Analysis (PTA), Privacy Impact Analysis (PIA), and System of Records Notice (SORN) documents.
 
Required Skills/Qualifications:
  • 5+ years of experience in performing and/or participating in DoD and NIST security assessments, continuous monitoring, and/or authorization activities.
  • Expert-level knowledge of FISMA, NIST/DoD RMF, and NIST SP 800-series publications.
  • Experience using testing tools such as Nessus/ACAS, SCC, DISA STIGs / STIG Viewer, Wire Shark, Flying Squirrel, etc.
  • Exposure to Software Development Lifecycle (SDLC) and related terminology as it relates to Information Security/Information Assurance.
  • Self-motivated and able to work in an independent manner or as part of a team.
  • Ability to capture technical details in a clear and concise manner.
  • Ability to communicate technical concepts to multiple, varied audiences.
  • Exceptional organization skills.
  • Able to work in a fast-paced, deadline-driven environment.
  • Must be a US Citizen.
  • Must have at least some exposure/knowledge of cloud architectures.


Desired Skills:
  • Security clearance and ability to be cleared.
  • Previous experience teaching is a plus.
  • Technical Writer experience is a plus.
  • Experience with FedRAMP is a plus.
  • Experience with CDM tools is a plus.
 
Place of Performance:
  • Open, United States
  • This position requires 25-50% travel
_____________________________________________________________________________________

Disclaimer
  
Lunarline is an equal opportunity employer. It is the policy of Lunarline that all employees and applicants for employment will be treated in all respects on the basis of their merit and qualifications and without regard to their race, color, national origin, age, disability, sexual orientation, religion, gender, military status, marital status or ancestry.
Lunarline participates in the E-Verify program. Therefore, any employment with Lunarline will also be contingent upon confirmation from the Social Security Administration ("SSA") and/or the Department of Homeland Security ("DHS") of your authorization to work in the United States. 
The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities from time to time, as needed.
or
this job portal is powered by CATS