Information Security Analyst

SECURITY
Contract W2, Contract Independent, Full Time
BASED ON EXPERIENCE
Work from home not available Travel not required

Job Description

Information Security Analyst

FEI is a leading IT company specializing in Federal and Local Government data system solutions. For the past decade we have maintained a leading position in providing programming and consulting services in our primary areas of expertise- Behavioral Health Data Systems, and Clinical Trials Software Solutions for institutional systems of care.

At FEI Systems, we recognize that our employees are an important part of our success. We promote a team environment where all employees have the opportunity to achieve professional and personal success. Currently FEI is looking for highly skilled, self-motivated and creative individuals to join our talented team of experts. FEI is an equal opportunity employer that believes in growing and promoting a diverse work force. Our employee compensation and benefits package is competitive within the industry and is designed to help employees meet varying needs throughout their careers and lives. If you're looking for a rewarding work environment that will challenge your mind and expand your horizons, then joining the FEI team may be right for you.

Summary:
FEI is a matrix organization where the Information Security Analyst has the responsibility to report, indirectly, to first line Project Managers from a program standpoint; but, will ultimately report into our Security Department. The Information Security Analyst is responsible for tracking the security compliance, to applicable requirements, of federal and state systems as well as applications developed inhouse. The analyst will also be responsible for monitoring, evaluating, and maintaining systems and procedures to protect networks, systems, and data from internal and external threats. It is incumbent of the analyst to identify risk, respond to reported security violations, determine root cause of violations, and recommend corrective actions to ensure data security. The Security Analyst also researches, recommends, and implements changes to procedures to enhance data systems security, and assists in communicating and reinforcing security procedures and best practices to users. The analyst will need to possess and apply a strong knowledge of principles, practices, and procedures related to information security, risk management, privacy, and IT governance to the completion of meaningful and challenging assignments.

Duties and Responsibilities:

  • Works under general supervision to plan and conduct security related assignments for one or more programs/customers
  • Responsible for authoring security artifacts and related documents necessary for federal, state and inhouse systems to earn and maintain systems accreditations
  • Manage Plan of Action and milestones (POA&M's) for systems by creating and documenting new Corrective Action Plans (CAPs) and tracking them to completion
  • Act as a trusted advisor to program manager and development team to ensure adherence to security architecture and development standards
  • Responsible for ensuring program level compliance with applicable laws and guidance (e.g., SP800-53)
  • Act as one of several primary points of contact for the customer relative to matters of information security
  • Provide guidance to our Program Managers and Program Directors regarding internal security strategy
  • Help implement selected program components for our internal security department/posture

Qualifications:
Mandatory:
  • Information Security Domain expertise - Candidate must be very familiar with standard concepts, practices, and procedures within the information security and privacy domain.
  • Risk Management - Person must understand the total process of identifying, controlling, and mitigating uncertain events that may negatively affect system resources including risk analysis, cost-benefits analysis, selection, implementation and testing, security evaluation of safeguards, and overall security review.
  • Federal Security Compliance - Must be fluent with FISMA, NIST SP800-53, and the Federal systems certification and accreditation process
  • Writing Skills - Individual must be experienced in authoring/maintaining security artifacts (e.g., SSP, ISRA/RA, CP, PIA, PTA, SORN, etc.)
  • Interpersonal - Must demonstrate self-motivation with a strong ability to work in a multi-tasking, changing environment.

Desirable:
  • Governance - Experience with major governance regulations (e.g., SOX, HIPAA, NISPOM, DITSCAP, CoBIT, HITRUST, etc.)
  • Industry Experience - Healthcare industry experience, with a particular emphasis on health payer solutions, electronic health records, behavior health, data analytics, claims adjudication, medical management, and fraud detection and prevention is critical
  • Customer Sensitivity - Experience working with and/or for Health focused Agencies of the Federal Government to include NIH, CDC, CMS, VA, SAMHSA. Experience working with DHHS specific protocols (e.g., BPSSM, RMH, XLS, TRA, etc.).
  • Systems Development - Experience in full life cycle information technology solution implementation from conceptualization, requirements, design and specification through development (coding), integration testing and commissioning
  • Securing Cloud Environments - Experience securing applications and application development located in cloud and hybrid cloud environments
  • Other - Strong technical design and communication skills

Experience & Education:
A Bachelor's Degree with 3 years of related professional experience or 5+ years of directly related professional experience may be substituted for the degree requirement

Professional Security Certification is required (e.g., CISSP, CISM, CISA, etc.)

Physical Demands:
There are no unusual physical demands and no heavy lifting required of this position.

Travel Requirements:
There is minimal travel required, i.e., less than 10% of the time. Will attend at least one offsite security conference/training event per year

Work Environment:
Work is performed in a clean office environment

Other:
Full time must be able to obtain Public Trust; other clearance may or may not be required

Location: Columbia, MD, Full time position with full company benefits

NOTICE: EO/AA/VEVRAA/Disabled Employer - Federal Contractor. FEI Systems participates in E-Verify, a federal program that enables employers to verify the identity and employment eligibility of all persons hired to work in the United States by providing the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS), with information from each new employee's Form I-9 to confirm work authorization. For more information on E-Verify, please contact DHS at (888) 464-4218.

Applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, marital status, political affiliation, disability, or genetic information, except where it relates to a bona fide occupational qualification or requirement. FEI Systems creates an Affirmative Action Plan on an annual basis. Pursuant to federal law, the portions of FEI Systems' Affirmative Action Program that relate to Section 503 (Persons with Disabilities) and/or Section 4212 (Protected Veterans), are available for inspection upon request by applicants and employees during FEI Systems' normal business hours.

Dice Id : 10408081
Position Id : 19-00132
Have a Job? Post it