Nangwik Services Blog

Security Analyst III

Click on Security Analyst III to Apply for this Position

Company Job Title: Security Analyst III-IT (BOR)
Clearance: Public Trust
Location: Alexandria, VA
Reports To: VP of Operations
FLSA Status: Exempt


Summary

The Senior Security Analyst applies and oversees a large and complex portfolio of continuous monitoring processes for a federal client. The incumbent facilitates risk assessments, Security Test and Evaluation (ST&E), contingency plan testing, and other advanced-level CM activities in accordance with NIST Special Publications 800-30, 800-37, 800-60, 800-53A, 800-53 Rev- 3, FIPS 199 and related OMB and NIST guidance. The incumbent is able to serve as an Information Security Risk Analyst, develops system level analysis reports and briefings for federal client System Owners and management, and ensures required cyber security policies are adhered to and that required controls are implemented. This position requires a working knowledge of network technologies such as Windows and Unix operating systems; database security; Active Directory; service oriented architectures; vulnerability testing; networking protocols and topologies; security architectures; and incident management.


Supervision

None

Minimum Qualifications

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required.

• Undergraduate Degree in a technical field
• Preferred Certifications: CCNA, MCSE, CAP, Network+, Security+, CISSP (strongly preferred)
• 5 year’s experience
• POA&M remediation experience, to include Engineering and Information Assurance
• Knowledge of and experience implementing Risk Management Framework
• Knowledge and experience with FISMA
• Familiarity with NIST SP 800-37 Revision 1 and NIST SP 800-53 Rev 3
• Experience with executing the System Development Lifecycle
• Solid knowledge of information security principles and practices.
• Understanding of advanced security protocols and standards
• Experience with software and security architectures
• Evaluate and develop approach to solutions
• Proactively assesses potential items of risk and opportunities of vulnerability in the network
• Experience with security best practices
• Proficient Technical Writing Skills
• Strong communication skills, both written and oral
• Organized, responsive and self-motivated problem solver.
• Experience evaluating, testing, and deploying enterprise technology

Computer Skills

• Experience with NESSUS; IBM Rationale Suite (Appscan); DBProtect, Webinspect, and SquirreL
• Experience with networking components (i.e. firewalls, switches, servers, routers, IDS, etc.)
• Familiarity with UNIX, Microsoft, ESX, Xen Operating Systems
• Experience with Governance, Risk, and Compliance tools (i.e. RSA Archer, XACTA, CSAM, etc.)
   

Education and/or Experience

• Undergraduate Degree in a technical field
• 5 years experience as a Security Engineer

Certificates, Licenses, Registrations, Clearance:

• A valid driver’s license is required.
• Public Trust
• Professional certification to include: CISSP
   

Security Analyst III

Click on Security Analyst III to Apply for this Position

Company Job Title: Security Analyst III-IT (BOR)
Clearance: Public Trust
Location: Alexandria, VA
Reports To: VP of Operations
FLSA Status: Exempt

Summary

The Senior Security Analyst applies and oversees a large and complex portfolio of continuous monitoring processes for a federal client. The incumbent facilitates risk assessments, Security Test and Evaluation (ST&E), contingency plan testing, and other advanced-level CM activities in accordance with NIST Special Publications 800-30, 800-37, 800-60, 800-53A, 800-53 Rev- 3, FIPS 199 and related OMB and NIST guidance. The incumbent is able to serve as an Information Security Risk Analyst, develops system level analysis reports and briefings for federal client System Owners and management, and ensures required cyber security policies are adhered to and that required controls are implemented. This position requires a working knowledge of network technologies such as Windows and Unix operating systems; database security; Active Directory; service oriented architectures; vulnerability testing; networking protocols and topologies; security architectures; and incident management.

Supervision:

None

Minimum Qualifications

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required.

• Undergraduate Degree in a technical field
• Preferred Certifications: CCNA, MCSE, CAP, Network+, Security+, CISSP (strongly preferred)
• 5 year’s experience
• POA&M remediation experience, to include Engineering and Information Assurance
• Knowledge of and experience implementing Risk Management Framework
• Knowledge and experience with FISMA
• Familiarity with NIST SP 800-37 Revision 1 and NIST SP 800-53 Rev 3
• Experience with executing the System Development Lifecycle
• Solid knowledge of information security principles and practices.
• Understanding of advanced security protocols and standards
• Experience with software and security architectures
• Evaluate and develop approach to solutions
• Proactively assesses potential items of risk and opportunities of vulnerability in the network
• Experience with security best practices
• Proficient Technical Writing Skills
• Strong communication skills, both written and oral
• Organized, responsive and self-motivated problem solver.

Experience evaluating, testing, and deploying enterprise technology
 

Computer Skills

• Experience with NESSUS; IBM Rationale Suite (Appscan); DBProtect, Webinspect, and SquirreL
• Experience with networking components (i.e. firewalls, switches, servers, routers, IDS, etc.)
• Familiarity with UNIX, Microsoft, ESX, Xen Operating Systems
• Experience with Governance, Risk, and Compliance tools (i.e. RSA Archer, XACTA, CSAM, etc.)
•  

Education and/or Experience

• Undergraduate Degree in a technical field
• 5 years experience as a Security Engineer

Certificates, Licenses, Registrations, Clearance:

• A valid driver’s license is required.
• Public Trust
• Professional certification to include: CISSP