The Information Security Analyst is responsible for the planning, design, and implementation of technology and procedures designed to maintain the confidentiality, availability, and integrity of the information resources, computer, and networking systems. They provide recommendations to information system owners to ensure information systems are maintained in a state of compliance with established privacy, electronic communications, information protection, and records management policies. This individual must have strong knowledge of information protection and data privacy laws and considerations. Strong understanding of the Joint Special Access Program (SAP) Implementation Guide (JSIG), and Intelligence Community Directive (ICD) requirements.
Performs security analysis of operational and development environments, threats, vulnerabilities, and internal interfaces to define and assess compliance with accepted industry and government standards
Ensures the rigorous application of cybersecurity policies, principles, and practices in the delivery of all Information Technology (IT) and cybersecurity services
Uses the Risk Managed Framework (RMF) to contribute to the Authorization and Assessment (A&A) process for new and existing information systems, to include facilitating Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA), Risk Acceptance Letters (RAL) and Continuous Monitoring (CONMON)
Reviews various operating systems such as Windows and Linux for compliance with governing requirements
Assess and document test or analysis data to show compliance with security requirements
Direct, conduct and mitigate risk assessments and investigations; and oversee activities of incident response.
Performs assessment of present levels of cyber security and possesses knowledge of proper cyber security practices
Plans and schedules the installation of new or modified security hardware, operating systems, and software applications
Ensures the assessment and implementation of identified computer and network environment fixes such as system patches and fixes associated with specific technical vulnerabilities as part of the Cybersecurity Vulnerability Management program
Guides the implementation of appropriate operational structures and processes to ensure an effective cybersecurity program, including boundary defense, incident detection, and response
Provide onsite incident response
In-depth knowledge of continuous monitoring tools
Experience Requirements
8 years of Information Security or Cybersecurity experience
Education Requirements
BA/BS in Information Security/Cybersecurity or related field, or the equivalent combination of education, technical training, or work/military experience.
Certification Requirements
DoD 8570.01 certification required – Security , or higher
Preferred Certifications
IAT Level II certification preferred- GSEC/CySA/CASP CE
IAT Level III certification preferred – CISSP
Security Requirements
Must have fully adjudicated Top Secret-SCI security clearance
CI/Polygraph may be required after hire
#armajobs
Click the checkbox next to the jobs that you are interested in.
Cloud Security Skill
Cybersecurity Skill
FirstHealth of the Carolinas, Pinehurst, NC
Sharepoint Systems Analyst with TS/SCI
Information Management Group, Inc., Fayetteville, NC