Security Analyst

Overview

On Site
$70 - $80
Contract - W2
Contract - 24 Month(s)

Skills

Information Security Management
Linux
Microsoft Office
IPS
NoSQL
Firewall
IBM
Risk Analysis
Risk Management
Reporting
Security Controls
Intrusion Prevention
Collaboration
Configuration Management
Identity Management
Network Design
Leadership
Microsoft Operating Systems
Issue Tracking
Microsoft Windows Server
Decision-making
Documentation
Bizagi
EMC RSA Archer
Event Management
Regulatory Compliance
Switches
System Center
z/Linux
SIEM
FISMA
ITIL
Auditing
Atlassian
zSeries
ISACA
SANS
GIAC
ARCHER
EGRC
GRC

Job Details

General Duties and Responsibilities

  1. Perform detailed architectural reviews and security risk analysis to support informed decision-making, including:
    • Network design and information flow
    • System and data access models
    • Firewall rule request reviews (ports, protocols, and services)
    • Baseline configuration management deviation requests
    • Vulnerability management
  2. Lead and support the design, development, implementation, and ongoing improvement of client security and compliance initiatives.
  3. Audit and assess internal agency systems as well as business partner and service provider security controls.
  4. Use tools such as Microsoft Office, System Center Service Manager (ticketing system), Archer eGRC, Bizagi, Atlassian, and related products to document and report findings from audits, assessments, and other OCS activities.
  5. Conduct security and compliance reviews of contracts, Business Associate Agreements (BAAs), Data Usage/Sharing Agreements, and other relevant documentation.
  6. Serve as the primary point of contact for third-party audits and assessments involving agency and business partner systems.
  7. Collaborate with agency leadership, business partners, and stakeholders to provide recommendations for security and compliance risk mitigation.


Technical Knowledge
Hands-on experience with one or more of the following technologies is desirable for this position:

  1. Archer (eGRC)
  2. Enterprise NoSQL databases
  3. IBM System 390 / zSeries
  4. Linux and Windows server environments
  5. Network infrastructure including firewalls, Intrusion Prevention Systems (IPS), switching, and routing
  6. Security Information and Event Management (SIEM) solutions
  7. Identity and Access Management (IAM) solutions



Required Skills

  1. 5+ years of IT experience working with and/or auditing:
    • IBM System 390 / zSeries
    • Windows and Linux systems
    • Relational and non-relational databases
    • Networking infrastructure
    • Web-based applications
  2. Prior experience working within a FISMA-compliant program.
  3. Prior experience working with eGRC systems.


Preferred Skills (Ranked in Order of Importance)

  1. Prior ITIL experience, specifically within Information Security Management.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.