Information Security Analyst

Security, RMF, Intrusion, Security+
Full Time, Permanent
Competitive
Telecommuting not available Travel not required

Job Description

CommunityForce, Inc. is a global technology company that offers a full range of service modules, including scholarship management and grants management, to manage every aspect of business operations for philanthropic organizations, educational institutions, associations and other nonprofit organizations. CommunityForce is a rapidly growing systems integrator for the US Air Force. 

 

Position: Information Assurance Analyst

Location: Ashburn, VA

Duration: Permanent

Must Have: Security+

 

Job Description

  • Will maintain the operational security posture for the information system or program in accordance with NIST, DoD, and AF guidance.
  • Initiate protective or corrective measures when a cybersecurity incident or vulnerability is discovered and ensure that a process is in place and followed for authorized users to report all cybersecurity-related events and potential threats and vulnerabilities to the ISSM.
  • Ensure software, hardware, and firmware complies with appropriate security configuration guidelines (i.e., Security Technical Implementation Guides (STIGs)/ Security Requirement Guides (SRG)).
  • Implement security configuration guidelines on software, hardware, and firmware as required.
  • Ensure proper configuration management (CM) procedures are followed prior to implementation and contingent upon necessary approval, according to this Instruction. Coordinate changes or modifications to AF IT with the system-level ISSM, SCA and or the Wing Cybersecurity office.
  • Initiate protective or corrective measures, in coordination with the security manager when a security incident or vulnerability is discovered.
  • Initiate exceptions, deviations, or waivers to cybersecurity requirements as directed by the ISSM.
  • Maintain situational awareness of when patches, CVEs, vulnerabilities, policies, etc. are identified and formally released to DoD Information Systems for implementation and reporting.
  • Ensure vulnerabilities are addressed, patched, mitigated, and reported as directed by the DoD, AF, and HQ AETC ITSP Leadership.
  • Produce supporting artifacts for assigned security controls and corresponding configuration control items to include but not limited to; scan reports, system logs and system screen-shots.
  • In coordination with the ISSM, utilize cybersecurity tools, made available to them and approved by the government, to configure, maintain, report, and substantiate system component compliance; examples include but are not limited to the Security Content Automation Portal (SCAP), Security Technical Implementation Guides (STIG) Viewer and Checklist.

 

Require Skills (if any):

  • Must have a BS degree in Computer Science, Electrical Engineering, or a related technical field.
  • Must have Security+ CE certification.
  • Certified Information Systems Security Professional (CISSP) certification or equivalent is a plus.
  • Must have a Secret Clearance and have the ability to obtain a Top Secret Clearance.
  • At least 5 years of IA/Cybersecurity experience, including demonstrated knowledge, skills, and abilities to perform the job responsibilities listed above.
  • Experience with cloud systems preferred
Dice Id : 10525963
Position Id : 775297
Have a Job? Post it