179430 - IT Security Analyst
Industry
IT
Region
VA-Virginia
City
Rosslyn
State
VA
Rate
Up to $62.65 DOE
Duration
3-6 months, CTH
Description


Chipton-Ross is seeking an IT Security Analyst - Assessment and Documentation for an opportunity in Rosslyn, VA.

RESPONSIBILITIES:
Northrop Grumman Technology Services sector is seeking an Information Technology Security Analyst - Assessment and Documentation to join our team of qualified, diverse individuals. This position is supporting OIG CIO contract in Rosslyn, VA.
Implements and interprets the requirements for agency compliance with policy directives governing IT infrastructure protection.
Supports USPS OIG security policy and compliance management program:
-Coordinates the review and evaluation of the agency IT programs for security assessment, authorization and risk assessment.
-Identifies security risks and recommends risk mitigation strategies.
-Conducts software Security Test & Evaluation (ST&E).
-Documents security assessment and authorization and ST&E activities for CIO and other Business leader review and approval.
-Updates or makes recommendations for new requirements for IT Security in other IT projects as well as for IT Security infrastructure and policy.
-Participates in the development of security policies.
Supports Security Operations Center activities:
-Participates in cyber threat and vulnerability analysis and remediation.
-Supports operational implementation of FISMA/NIST/FedRAMP standards and compliance to SOC 2 audit reports.
-Incorporates security tools in security review and assessment and includes systems that provide monitoring, prevention, response, and reporting. These tools are listed at the end of the REQ in NOTES.
Supports Security Engineering and technical solution development:
-Documents security architecture and supports documentation of technical solutions for security products.
-Collaborates effectively with members of OCIO and Business units to assess security architecture and solutions for IT and business systems.
-Evaluates security requirements associated with cloud-hosted environments and services.
-Evaluates security requirements associated with mobile applications.
Incorporates security tools in security review and assessment and includes systems that provide monitoring, prevention, response, and reporting.
These tools may include, but are not limited to: Microsoft Cloud Security Stack (virtual networks, network security groups, web application firewalls, virtual firewalls), Security and Compliance Center, Windows Anti-malware, Azure Security Center, Microsoft Azure Information Protection, Azure Sentinel, Microsoft Data Loss Prevention, Exchange Online Protection Advance Threat Protection, Microsoft Cloud App Security, Advanced Malware Protection, Hybrid Connectors, and Security Incident and Event Management.

REQUIRED EXPERIENCE:
MUST have a degree in Information Security, Information Systems, Computer Science, or related field.
Candidate must possess 5+ years of specialized IT experience with at least 3 years in information security- related field.
Must have GIAC, CEH, CISSP certification(s) (or equivalent); DHS Security Certification; or ISACA certifications (CISM or CISA).
ITIL v3 Foundation certification (desired).
Knowledge of information security principles, concepts, practices, systems software, database software, and immediate access storage technology to carry out activities relating to security certification/accreditation, System Security Plans and Authority-To-Connect requirements.
Knowledge & Skill in implementing FedRAMP, FISMA, NIST, OMB guidelines, and other Federal regulations and guidance.
Experience interpreting and implementing FISMA and Security Technical Implementation Guide requirements focused on the operational implementation and documentation of those requirements.
Skill & Ability to document IT Security risks, advice, guidance, and recommendations to management and other technical specialists on critical information technology security issues.
Skill & Ability to assess risk factors and advise on vulnerability to attack from a variety of sources and procedures for protection of systems and applications.
Knowledge of security requirements associated with cloud-hosted environments and services and mobile application development and deployment.
Ability to effectively communicate both orally and in writing with management and other technical specialists.
Ability to plan, organize and manage tasks on time with minimal supervision.

EDUCATION:
MUST have a degree in Information Security, Information Systems, Computer Science, or related field.
School must be accredited.

HOURS:
5/40 workweek

MISCELLANEOUS:
Applicants responding to this position will be subject to a government security investigation and must meet eligibility requirements by currently possessing the ability to view classified government information.

Employment will be contingent on clearing a drug screen and background check. Both must clear prior to start date.

Contact
Max Cameron
mcameron@chiptonross.com
CHIPTON-ROSS, INC.
420 Culver Boulevard
Playa Del Rey, CA 90293

Phone: (310) 414-7800 x242 or (800) 927-9318 x242

Candidates responding to this posting must currently possess the eligibility to work in the United States. No third parties please.

Employment will be contingent on candidate clearing pre-employment drug screen and background check.

Chipton-Ross provides equal employment opportunities to all employees and applicants for employment without regard to race, color, creed, religion, national origin, sex (including pregnancy), age, disability, sexual orientation, gender identity and/or expression, protected veteran status, genetic information, or any other characteristic protected by Federal, State or local law. This policy governs all areas of employment at Chipton-Ross, including recruiting, hiring, training, assignment, promotions, compensation, benefits, discipline, and terminations.