Senior Information Security Analyst

FISMA, XACTA, CSAM, GRC, RMF, ISSO, CISSP, CISM, CISA, PUBLIC TRUST
Contract W2, Contract Independent, C2H W2, C2H Independent, Full Time
BASED ON EXPERIENCE
Work from home available

Job Description

Data Systems Analysts, Inc. is searching for a Senior Information Security Analyst for a remote opening in the DC area. This contract supports the US Environmental Protection Agency (EPA).

U.S. Citizenship and ability to obtain a public trust is required.

The ideal candidate will report directly to the program manager and have strong leadership skills and the ability to lead teams, tasks and projects of 5+ junior, mid, and senior level resources with limited supervision. The Senior Information Security Analyst will be an integral part of a team responsible for supporting the development and maturation of an Agency-wide information security (InfoSec) program for a large civilian Federal agency. The candidate should have strong data analysis skills, keen attention to detail, and the ability to handle and prioritize multiple tasks and deadlines. The candidate will serve as a subject matter expert with regards to the Risk Management Framework (RMF) and all associated information security policies and procedures and should possess in-depth knowledge of applying, selecting and testing the NIST family of security controls.

Primary Responsibilities:

* Advising senior-level stakeholders on InfoSec initiatives including compliance, awareness and training, and security operations.
* Leading Independent Validation and Verification (IV&V) efforts on security authorization/ATO packages to ensure compliance to agency requirements.
* Leveraging the existing Governance, Risk, and Compliance (GRC) tool, Telos Xacta (or an alternate like CSAM or RSA Archer), to track and reconcile findings from assessments, audits, and vulnerability scans.
* Coordinating government data calls (FISMA, FMFIA, BDR, etc.) and monthly reports. Client CyberScope experience a plus.
* Assessing the effectiveness of the InfoSec and privacy training program and leading the collection, analyzation, and presentation of enterprise-level InfoSec performance metrics.
* Managing InfoSec Program POA&Ms, including advising on remediation efforts.
* Providing administrative support to Xacta (or equivalent GRC tool) users and authoring operational procedures.
* Working closely with senior agency security officials, system owners, information system security officers (ISSOs) and other stakeholders to advise and implement security solutions.
* Advising CDM implementation efforts.
* Identify opportunities for efficiencies in work process and innovative approaches.
* Participating in team problem solving efforts and offer ideas to solve client issues.
* Conducting relevant research, data analysis, and developing reports.
* Preparing and assisting in the development of policy and procedures for program-level management and promoting consistency in program management best practices.
* Implementing processes and procedures to monitor risk across programs / projects.
* Preparing briefings to executive team to debrief the results of studies, analyses, and plans.
* Assisting the client leadership in reviewing monthly project progress, documenting issues, and monitoring resolution.
* Leading related business development efforts, as requested.

Minimum Qualifications:
* US Citizenship.
* Bachelor's degree in Computer Science, Information Systems, Engineering, Business, or other related scientific or technical discipline is required. Four (4) additional years of experience in IA/Information Security will be an acceptable substitute for a Bachelor's degree.
* Minimum of eight (8) years of IA specialized experience, including applying, analyzing and assessing information systems and security controls (NIST SP800-53, Revision 4).
* Minimum of three (3) years in a leadership capacity and demonstrated ability to delegate work and track work products from assignment to delivery.
* Ability to work with limited supervision and meet multiple project milestones and deadlines as required by the client.
* Excellent written and oral communication skills including delivery of client-ready work products and the ability to communicate complex technical issues to senior stakeholders and non-technical staff.
* Knowledge and understanding of integrating the security lifecycle into the system development lifecycle (SDLC).
* Experience working with Federal Information Security Modernization Act (FISMA) requirements and NIST guidelines.
* Demonstrated ability to prioritize and manage competing work assignments in a time sensitive environment.
* Ability to weigh business risks and enforce appropriate information security measures.
* Keen attention to detail and the ability to solve problems using best practices and systematic approach.

Desired Skills:
Preferred Tool Experience
* ForeScout
* BigFix
* Tenable Nessus
* Telos Xacta IA Manager (or similar tool like CSAM, RSA Archer, etc.)
* CDM Dashboard
* SharePoint
* Qlik Sense

Required/ Desired Education and Certifications:
* Bachelor's degree
* Two (2) IT industry certifications, including at least one (1) advanced security certifications (e.g., CISSP, CISM or equivalent).
* Interest in learning the concepts of business development and capturing new business.

MUST HAVE US CITIZENSHIP; this will be verified prior to interview. Therefore, only US Citizens can be considered for this position.
Salary and Benefits include but not limited to:

  • The hours for this role are Full-time, Regular - Start and End times are dependent on customer requirements
  • Leave benefits include Paid holidays, Vacation, Sick and Bereavement
  • Retirement benefits include 401K with 20% match to employee contribution, and Employee Stock Ownership Shares provided by DSA.
  • Insurance benefits include customizable Medical, Dental, Health, Company Paid Life and Disability Insurance, Health savings, Vision and Domestic Partner Coverage
  • Miscellaneous benefits include Tuition assistance and Technical 100% Paid Training and Family Tuition Assitance.

Founded in 1963, Data Systems Analysts, Inc. (DSA) has been providing Defense and Federal Government customers' business-driven Information Technology and consulting solutions and services for more than 50 years. DSA's people excel in helping our customers achieve sensitive, mission-critical business goals and objectives. DSA is a 100 percent employee-owned company: every employee has a stake in the success of our company and our customers.Our culture embraces training and development opportunities that include leadership programs, employee networks, continued education, and much more. We recognize that building expertise in your profession benefits everyone. DSA's leadership and training programs help employees better manage their projects, inspire coworkers and customers and reinforce DSA's guiding principles since 1963.

We also value the unique combination of skills, abilities, aspirations, and backgrounds of every individual our diversity makes us stronger. We are 100 percent employee-owned through an Employee Stock Ownership Plan (ESOP).DSAemployees receive customizable benefits that are highly competitive in each local market that include a Vanguard 401K.DSA provides equal employment opportunity for employees and applicants without regard to an individual's protected status; race/ethnicity, color, national origin, ancestry, sex/gender, gender identity/expression, sexual orientation, marital/parental status, pregnancy/childbirth or related condition, religion, creed, age, disability, genetic information, veteran status, or any other protected status.

DSA will provide necessary reasonable accommodation to ensure that an individual with a disability who is not able to fully utilize DSA's online job application system is provided with equal opportunity to apply and be considered for all jobs. If you need an accommodation to complete the application process, please email HR @dsainc.com or call 1-877-422-4372.

DSA recognizes that the global spread of COVID-19 is a challenging time for everyone. Our #1 priority is the health and safety of our workforce, guests and candidates, and we provide the necessary supplies to maintain safety in the work place. Due to the current situation surrounding COVID-19, our response time and scheduling of interviews may increase. DSA is looking to fill various positions despite the COVID-19 and are managing our workforce within the compliance of all state requirements.
#DSA209

Dice Id : 10119839
Position Id : 21-00113
Originally Posted : 1 month ago
Have a Job? Post it