IT Security Analyst 4

Overview

Hybrid
Depends on Experience
Contract - W2
Contract - Independent
Contract - 6 Month(s)

Skills

NIST 800-53
Software development lifecycle
Python
Java
JavaScript
C++
C#
SQL
HTML
COBOL
Nessus
Qualys
Retina
Tenable
CISM
CCSP
CISSP
CEH
CompTIA
IT Security
Security+
System Security
Web Application Security
Software Development Methodology
IBM Security AppScan
Cisco Certifications
Certified Ethical Hacker

Job Details

JOB DESCRIPTION:

Role: IT Security Analyst 4

Location: Richmond, VA Hybrid

Duration: 6 Months

Interview: Face2Face Only

Work Arrangement: Hybrid 3 days - on site - 2 days - remote

Short Description

Document and address organization's information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycle.

Notes from the manager:

For this position we are really looking for someone who is strong in Security Operations (Vulnerability Management, Penetration Testing, Incident Response, Identity Access Management, etc.). A few of the candidates were strong in Risk Management (Risk Assessment, Data Classification, Audits, etc.) but we already have those skills on our team. The remaining candidates mostly struggled to answer basic technical questions relating to security and seemed to mostly come from more IT Operations backgrounds. We are looking for an experienced person as this is not an entry level opening.

General things to consider when screening:

Experience with vulnerability management is key for this position.

Experience with application penetration is key for this position.

Experience with Dev SecOps/Secure Software Development Lifecycle (Secure SDLC/SSDLC)/Secure by Design is key for this position.

Scripting and automation experience is highly desired for this position.

Interpersonal skills and being able to talk with and manage stakeholders are key for this position.

Experience with vulnerability management is key for this position.

Experience with application penetration is key for this position.

Experience with Dev SecOps/Secure Software Development Lifecycle (Secure SDLC/SSDLC)/Secure by Design is key for this position.

Scripting and automation experience is highly desired for this position.

Interpersonal skills and being able to talk with and manage stakeholders are key for this position.

Skill Required / Desired Amount of Experience

NIST 800-53 rev 5 and/or Criminal Justice Information System (CJIS) specifications for an information security management system Required 5 Years

Software development lifecycle, vulnerability management processes, role-based authentication methodologies, etc Required 5 Years

Familiarity with programming languages such as Python, Java, JavaScript, C++, C#, SQL, HTML, CSS, and/or COBOL Required 5 Years

Expertise in using automated vulnerability scanners like Nessus, Qualys, Retina, and/or Tenable Required 5 Years

Familiarity with web application security testing tools like Burp Suite, Fortify, and/or AppScan Required 5 Years

Basic scripting skills (e.g. WDL, VBScript, JavaScript, PowerShell, Python) for automation Required 5 Years

IT security or risk assessment certifications are advantageous (CISM, CCSP, CISSP, CEH, CompTIA Pentest+ and/or CompTIA Security+) Required 5 Years

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.