Overview

We are seeking an Information Security Analyst to join our team and support our mission critical customer in Reston, VA. As our Information Security Analyst, you will perform various Vulnerability Management duties including the tracking and dissemination of vulnerability assessments, participate in red/blue team events, and the identification and reporting of network and system vulnerabilities, security events, and adverse cyber related activity identified through I&W and AS&W indicators. The Information Security Analyst will manage all aspects of infrastructure systems used to manage CND-SP networks & resources and will assess threats to theenvironment.Responsibilities also include patch repository maintenance, supporting and performing inspections to ensure compliance to DoD 8530 Standards, and participating in risk assessment during the C&A (certification and accreditation) process, as well as, supporting security certification tests and evaluation of assets. 

Responsibilities

Required Qualifications:

• Clearance: Active TS/SCI Clearance w/CI Polygraph.
• Education & Years of Experience: Bachelor’s degree and 8 years of experience related to specific functional area.
• Certifications: Currently hold, or be able to attain a CompTIA Security or equivalent certification
• Experience and knowledge on:
• Working with and/or has technical knowledge on classified networks, servers, storage, operating systems, applications, and the full stack of supporting technologies
• Understands cloud service provider vulnerability testing approaches
• Supporting vulnerability management program requirements including maintaining patch repository, issuing alerts and bulletins, and tracking compliance
• Supporting vulnerability management risk scoring and quantifying risk posed by un-patched Vulnerability Alerts
• Reviewing reporting, automation, and visualization systems to provide situational awareness and making recommendations to improve vulnerability management capabilities
• Coordinating access to systems and approvals for scanning activities
• Conducting ad hoc testing to assist with development activities or vulnerability remediation
• Reviewing and testing system security controls (managerial, operational, and technical) to determine adequacy against federal requirements (e.g., NIST SP 800-53) and mission context
• Supporting technical environment testbed for emerging capabilities, tolls, and processes
• Operating or supporting ACAS security scanning software
• Creating, maintaining, and updating knowledge management and technical documentation of operational processes and findings
• Performing security certification tests and evaluation of assets
• Providing input on adequacy of security designs and architectures

Qualifications

• Security certifications: CCNA Security, CySA , SSCP, or equivalent certification
• Cloud certifications