Senior Information Security Analyst

Overview

Global in our service, but local in our approach, the Nisga’a Tek team is committed to high quality service to honor those who defend us. Our work ensures mission assurance and execution, to both our customers and war fighters. 

Summary:

Nisga'a Tek is looking for an Information Security Analyst to provide onsite support for our government customer located in the Washington DC Metro Area. The Security Analyst shall provide Cybersecurity services in support of the C5ISC Engineering Services Division (ESD) Information Assurance Branch (IAB). The Security Analyst shall act as the Information Systems Security Officer and shall provide cybersecurity audits, reviews and recommendations to assist the customer in maintaining accreditation for network and enterprise system as designated.

Responsibilities

Essential Job Functions:

• Prepare and maintain correct, thorough, and timely inputs to accreditation packages and critical documents that stipulate concepts, requirements, continuity, and contingency to include, System Security Plan (SSP), Security Risk Analysis (SRA), and all critical requirement documents, artifacts in accordance with current network accreditation processes.
• Provide analyses and decision support information for the CGCyber A&A to make system/network risk management determinations for an Authorization to Operate (ATO).
• Maintain the continuous monitoring process and ensure all systems are compliant with DOD and USCG security guidelines, and DISA Security Technical Implementation Guides (STIG).
• Provide draft inputs to security policies and guidance, based on Government requirements and industry best practices, to ensure CG practices are in compliance with DOD/USCG policy directives. Provide artifacts and information required for audits and inspections.
• Develop and maintain matrices to track and analyze trends in IA readiness and compliance.
• Manage and track all Plan of Action and Milestones (POA&Ms) created by the organization to address identified weaknesses, vulnerabilities, and audit/assessment findings from creation to closure.
• Coordinate with other organizations as needed in the processing and management of the POA&Ms.
• This includes validation of POA&M content submitted by the area of responsibility (AOR) for weakness remediation; ensuring POA&Ms are submitted via proper channels; providing reports and status tracking of remediation efforts; work with the AOR as needed to ensure items are completed in a timely manner and to gather appropriate artifacts for closure; and identifying POA&Ms that will need waivers or risk acceptance.
• Utilize DOD/ USCG and industry-standard security practices and policies to conduct detailed vulnerability assessments and implement recommended security safeguards to protect all CG IT assets.
• Coordinate and implement Information Operations Conditions (INFOCON) measures as necessary. Utilize tools and tracking mechanisms that shall automate reporting and data collection of Information Security (INFOSEC) associated vulnerabilities.
• The Contractor shall submit findings and recommendations to the ISSO as requested.
• Provide continuous monitoring of all C5ISC enterprise-managed assets. The continuous monitoring process shall ensure all systems are compliant with DOD and USCG security guidelines.
• Coordinate and maintain the DHS’ and DOD’s vulnerability database accounts.
• Coordinate with ISSOs to advise and facilitate resolution of all IA and INFOSEC issues.
• Review system audit records and intrusion detection data to assist ISSOs in identifying security incidents.

#CJ

Qualifications

Necessary Skills and Knowledge:

• Proven experience in information security, including security monitoring, incident response, and vulnerability management.
• Strong understanding of security frameworks, standards, and best practices.
• Proficiency in using security tools and technologies for monitoring and analysis.
• Excellent problem-solving and analytical skills.
• Effective communication skills to convey complex security concepts to non-technical stakeholders.
• Ability to work independently and collaboratively in a fast-paced environment.

 Minimum Required Qualifications:

• Information Assurance Workforce Improvement Program, DoD 8570 IAM Level II Certification required.
• Completed experience, training, and maintenance of IAM Level II certification required.
• Requires 5 years of experience in an Information Security Analyst, ISSO or ISSM role.
• Requires 5 years of experience in at least one of the following toolsets: ACAS, HBSS and/or eMass.
• Active SECRET security clearance.

Pay and BenefitsAt Goldbelt, we value and reward our team's dedication and hard work. We provide a competitive base salary commensurate with your qualifications and experience. As an employee, you'll enjoy a comprehensive benefits package, including medical, dental, and vision insurance, a 401(k) plan with company matching, tax-deferred savings options, supplementary benefits, paid time off, and professional development opportunities.