Mid-Level Information Security Analyst

Location: Arlington, VA
Date Posted: 07-13-2017
Lunarline, Inc. is hiring a Mid-Level Information Security Analyst.  We are looking for an enthusiastic professional with 5+ years of hands-on experience in analyzing computer security at large firms, conducting gap analysis, identifying and alleviating potential loopholes.
  
Duties and Responsibilities:
  • Analyze the client system security, conduct gap analysis, determines enterprise information security standards, and develop and implement information security standards and procedures.
  • Ensure that all information systems are functional and secure.
  • Understand privacy laws and regulations and how to apply them.
  • Understand the process of completing Privacy Threshold Analysis (PTA), Privacy Impact Analysis (PIA), and System of Records Notice (SORN) documents.
  • Develop and assess cyber security documentation for client information systems in accordance with FISMA, NIST RMF, FedRAMP, and departmental requirements
  • Participate in continuous monitoring activities
  • Assist or lead technical assessments using standard industry tools such as Nessus, AppDetective (now called DB Protect), WebInspect, and others
  • Participate in continuous monitoring activities
  • Identify and mitigate risks throughout assessment
  • Participate in and lead compliance related discussions (this includes in-depth understanding of security control requirements)
  • Perform vulnerability scanning, penetration testing, network device testing and remediation
  • May conduct root cause analysis, forensic evaluation, and malware analysis.
  • Work with customers to resolve concerns and explain how compliance is achieved
  • Coordinate the day-to-day activities required to deliver a project on time and within budget
  • Attend and participate in regular project meetings; deliver succinct and accurate status updates
  
 Skills/Qualifications:
  • Minimum five (5) years of experience in analyzing computer security at large firms, conducting gap analysis, identifying and alleviating potential loopholes.
  • Must be a US Citizen with the ability to obtain a Government security clearance
  • Expert-level knowledge of FISMA, NIST RMF, and NIST SP 800-series publications
  • Privacy Experience
  • Experience with FedRAMP is a plus
  • Experience with CDM tools
  • Exposure to Software Development Lifecycle (SDLC) and related terminology as it relates to Information Security/Information Assurance.
  • Self-motivated and able to work in an independent manner or as part of a team
  • Able to write and talk about technical security issues in a clear, concise manner
  • Exceptional organizational and planning skills
  • Able to work in a fast-paced, deadline-driven environment
 
 Minimum Education and Certifications
  • Bachelor’s degree in Computer Sciences, Information Systems, Mathematics or Engineering (Electrical, Computer, Mechanical) or related field.
  • The following certifications (more than one is preferred): Lunarline, Inc. School of Cyber Security “Certified Expert” certifications, Security+, CEH, Network+, CAP, or SANS security certification


Place of Performance:
  • Arlington, VA

_____________________________________________________________________________________

Disclaimer
  
Lunarline is an equal opportunity employer. It is the policy of Lunarline that all employees and applicants for employment will be treated in all respects on the basis of their merit and qualifications and without regard to their race, color, national origin, age, disability, sexual orientation, religion, gender, military status, marital status or ancestry.
Lunarline participates in the E-Verify program. Therefore, any employment with Lunarline will also be contingent upon confirmation from the Social Security Administration ("SSA") and/or the Department of Homeland Security ("DHS") of your authorization to work in the United States. 
The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities from time to time, as needed.
or
this job portal is powered by CATS