Strategic Analysis
Information Security Analyst
Strategic Analysis, Arlington, Virginia, 22201
Strategic Analysis, Inc, (SA) is seeking an Information Security Analyst to join our internal operations team. The Information Security Analyst holds a crucial position to the effective day-to-day operations of Strategic Analysis HQ. Responsibilities will cover both tactical activities, such as threat detection and response, while also supporting more strategic initiatives such as infrastructure/information planning and the development of security related processes, policies and procedures at the company. Responsibilities: •Assist in the administration of accredited information systems in accordance with the RMF, which includes development and maintenance of documentation for systems, procedures, and security diagrams, weekly system maintenance, user administration, and other security related tasks as assigned to ensure compliance of accredited systems •Develop and maintain documentation for security systems, procedures and security diagrams •Monitor and analyze SA's corporate network for any unusual or suspicious activity and make recommendations for resolution •Ensure user endpoints have the needed security software and administer updates •Monitor user endpoints for any unusual or suspicious activity and make recommendations for resolution •Prepare and analyze security incident and event data reporting •Assist in company guidance to meet requirements of NIST 800-171 controls and prepare for CMMC Level 2 •Serve on projects, initiatives or work groups as assigned which may include; Event Management, Identity and Access Management, Risk and Control Assessment, Threat and Vulnerability Management •Deliver high quality customer service and provide Tier 1 and Tier 2 helpdesk support (investigation, troubleshooting, and resolution) for internal and external customers of computer software and hardware •Install, diagnose, and perform minor repairs to computer and audio visual hardware, software, and peripheral equipment •Develop working knowledge and provide customer assistance with all commercial off the shelf (COTS) and proprietary applications running on corporate servers and workstations •Set up information systems and communications equipment for employee use, performing or ensuring proper installation operating systems, appropriate software, and system connectivity •Assist with designing, documenting and maintaining the processes, policies and procedures necessary to support the optimal delivery of information systems services •Read technical manuals, confer with users, and conduct computer diagnostics to investigate and resolve problems and to provide technical assistance and support •Develop training materials and procedures, and/or train users in the proper use of hardware and software •Perform asset management duties to include purchase, inventory, and disposition of information systems and communications equipment Requirements: Education •Bachelor's degree in an IT related field or equivalent work experience •CompTIA Security Experience and Skills •Four (4) or more years of work experience in IT Security and support or equivalent combination of transferrable experience and education •Experience administering contractor owned accredited systems •In-depth knowledge of operating systems and security applications, as well as a working knowledge of basic network protocols and tools •Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response and identity and access management •Knowledge of network infrastructure including routers, switches, firewalls and associated network protocols and concepts •Experience developing, documenting and maintaining security procedures •Ability to communicate highly complex technical information clearly and articulately for all audience levels •Strong customer focus with ability to manage customer expectations and experience and build long-term relationships •Strong team-oriented interpersonal skills with the ability to interface effectively with a broad range of people and roles including vendors and IT-business personnel Clearance •Active DoD Secret clearance with the ability to obtain (Top Secret) Preferred Criteria •Relevant certifications, CompTIA CSA CASP or CISSP •SIEM configuration and monitoring, Microsoft Azure Administration, network monitoring and analysis, threat response, DLP, and other Information Security tools and practices •Experience with configuring Firewalls, Switches, Multi-Factor Authentication, Proxies, Anti-Virus, DLP, and other Information Security tools SA is an equal opportunity/Affirmative Action Plan employer that is committed to diversity and inclusion in the workplace. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws. This applies to all employment practices within our organization, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship makes hiring decisions based solely on qualifications, merit, and business needs at the time.