Information Security Analyst
FedTec, Richmond, VA, United States
FedTec Overview:
FedTec is a Woman-Owned Small Business with headquarters in Reston, VA. However, FedTec is more than just a company – we are a dedicated team of visionary individuals who understand the power of transformation. With our unwavering commitment to innovative technology and forward-focused methods, we empower government agencies to fulfill their missions successfully with our capabilities in Digital Transformation, and Cyber Security. Our strategy is rooted in in-depth advising and a unique shoulder-to-shoulder mission experience, all geared towards enabling our clients, their agencies, and every American to thrive. We use the same approach as our employees, building meaningful and lasting relationships to meet their evolving needs and help them grow. We are excited to welcome you to our family.
Position: Information Security Analyst
Location: Richmond, VA, 23220
About the Opportunity:
Fedtec is looking for Information Security Analyst who will support information security across all Virginia Housing programs, projects, IT systems and application and is assigned to projects/initiatives with security and privacy components. The Information Security Analyst will assist in conducting cyber security & privacy awareness and education throughout Virginia Housing. The Information Security Specialist is also responsible for assisting with creating and maintaining all of Virginia Housing's Information Security and privacy policies and standards. The Information Security Specialist will be part of ISO efforts and assist with other security related projects.
Responsibilities will include:
- Participating in Information Security and Privacy efforts across all business areas and vendor engagements to ensure the most appropriate security controls are in place and adhered to by all parties.
- Working within a Governance Risk and Compliance (GRC) system to add and update information security information, records, and documentation.
- Partnering with business stakeholders to develop and maintain information System Security Plans (SSP).
- Representing the Information Security Office in PMO lead projects to ensure significant projects have appropriate ISO representation.
- Partnering across teams, collaborating with users to understand business challenges, developing options tailored to providing value, facilitating compliance, and providing timely and clear communications.
- Assisting with development and maintenance of information security standards and processes, including conducting occasional research from various reputable sources.
- Assisting with controls documentation, including information system diagraming, populating risk assessment templates and drafting control narrative documentation for business approval.
- Assisting in reviewing contracts, agreements, and other vendor documentation to assure adequate information security protections are in-place.
Qualified candidates must possess:
- At least (3) years of demonstrated experience in Information Security concepts related to governance, risk and compliance.
- Extensive knowledge of the principles and practices of information security.
- Extensive knowledge of the principles and methods applied to information technology infrastructure planning, implementation, and management.
- Ability to organize work, set priorities, meet established deadlines, and follow up on assignments with a minimum of direction.
- Familiarity or experience working with a security framework (NIST, ISO 27001, COBIT, etc.).
- Superior organizational skills and attention to detail.
- Ability to continually prioritize and change or adapt to ambiguous situations.
- Experience drafting Information Security and Privacy policies, standards, and procedures.
- Ability to interpret and understand security documentation including flow diagrams and process maps.
- Ability to understand general contract terms and conditions.
- Ability to create diagrams, flowcharts, and spreadsheets using desktop software.
- Ability to write clear and concisely to various audiences.
Preferred experience includes:
- Bachelor's degree in Computer Science or Information Systems or equivalent.
- Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), or equivalent information security certification is preferred.
- Previous experience working in the financial services industry is preferred.
- Knowledge of controls related to cloud security and application security.
- Knowledge of Information Security regulatory compliance (e.g., GLBA, GDPR, PCI, etc.).
- Knowledge of various privacy regulations (e.g., GRPR, CCPA, VCDPA, etc.).
When You Join FedTec, You Are Joining a Family! We take pride in our work and the true and transparent relationships we build with our employees and partners. We believe that positive energy attracts like-minded individuals, which is why we have such exceptional people on our team.
Just as you'd do for your own family, we prioritize your safety, health, and happiness. That's why we've created the FedTec Total Well-Being program, offering benefits like:
- Comprehensive medical, dental, and vision plans. These plans encompass a range of beneficial features, such as Telehealth virtual care programs, and access to resources to support your physical and mental well-being.
- Generous paid time off for relaxation and rejuvenation.
- Financial security through 401k, company-paid short and long-term disability, life insurance, and additional voluntary coverage.
- Support for your life and family with access to an Employee Assistance Program, Pet Insurance, and Prepaid Legal services.
- Recognition and growth opportunities through our Rewards & Recognition and Learning & Development programs.
- Our newest addition, the FedTec Fit Program, features an on-staff Fitness Coach who provides personal and group sessions, company fitness challenges, and ongoing support for your fitness goals.
At FedTec we embrace the power of diversity, fostering a culture where varied thoughts, ideas, and perspectives empower our employees and partners to thrive. We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, or status as a protected veteran and we maintain a drug-free workplace to ensure a safe and healthy environment for all.
- If you feel that your qualifications, talents, and values align with our culture, we welcome you to apply by submitting your resume today!