Data Systems Analysts, Inc.
Senior Information Security Analyst with Security Clearance
Data Systems Analysts, Inc., Fairfax, Virginia, United States, 22032
Senior Information Security Analyst with Security Clearance
DSA is hiring a Senior Information Security Analyst. This is a full-time position in the DC Area, supporting the Environmental Protection Agency (EPA). DSA has been the Prime contractor for this customer for over 13 years. This dynamic team is passionate about supporting Federal programs that serve US Citizens. The position is hybrid, allowing candidates to work onsite at DSA or the customer site with potential for telework.The Environmental Protection Agency (EPA) Office of Information Security and Privacy (OISP) is responsible for developing and maintaining agency-wide information security and privacy programs, policies, procedures, and control techniques; training personnel with significant information security responsibilities; and assisting senior agency officials with information security and privacy responsibilities.The Senior Information Assurance Analyst will be an integral part of a team responsible for supporting the development and maturation of an Agency-wide information security (InfoSec) program for a large civilian Federal agency. The candidate will serve as a subject matter expert regarding the Risk Management Framework (RMF) and associated information security policies and procedures, possessing in-depth knowledge of applying, selecting, and testing the NIST family of security controls. The candidate will report directly to the program manager and must have strong leadership skills to lead teams, tasks, and projects with limited supervision.Primary Responsibilities:
Advising senior-level stakeholders on InfoSec initiatives including compliance, awareness and training, and security operations.Leading Independent Validation and Verification (IV&V) efforts on security authorization/ATO packages to ensure compliance with agency requirements.Leveraging the existing Governance, Risk, and Compliance (GRC) tool, Telos Xacta (or an alternate like CSAM or RSA Archer), to track and reconcile findings from assessments, audits, and vulnerability scans.Coordinating government data calls (FISMA, FMFIA, BDR, etc.) and monthly reports.Assessing the effectiveness of the InfoSec and privacy training program and leading the collection, analysis, and presentation of enterprise-level InfoSec performance metrics.Managing InfoSec Program POA&Ms, including advising on remediation efforts.Working closely with senior agency security officials, system owners, information system security officers (ISSOs), and other stakeholders to advise and implement security solutions.Identifying opportunities for efficiencies in work processes and innovative approaches.Participating in team problem-solving efforts and offering ideas to solve client issues.Conducting relevant research, data analysis, and developing reports.Preparing and assisting in the development of policy and procedures.Implementing processes and procedures to monitor risk across programs/projects.Preparing briefings to the executive team to debrief the results of studies, analyses, and plans.Assisting client leadership in reviewing monthly project progress, documenting issues, and monitoring resolution.Required Qualifications:
Bachelor's degree in Information Technology or related field and 8 years of relevant IA experience (may substitute security certification, e.g., CISSP, for 2 years of experience).3+ years in a leadership role.Strong data analysis skills.Excellent written and verbal communication skills.In-depth knowledge of applying, selecting, and testing the NIST 800-53 Rev 4 security controls.In-depth knowledge of NIST 800-37 Risk Management Framework.Experience with a Governance, Risk and Compliance tool (e.g., Xacta, RSA Archer, CSAM, or eMASS).Excellent attention to detail.Ability to handle and prioritize multiple tasks and deadlines.Desired Qualifications:
Advanced level cybersecurity certification (e.g., CompTIA CISM, ISC2 CISSP).In-depth knowledge of applying, selecting, and testing the NIST 800-53 Rev 5 security controls.Many of DSA's positions require the ability to obtain a security clearance. Security clearances may only be granted to U.S. citizens. Applicants who accept a conditional offer of employment may be subject to government security investigation(s) and must meet eligibility requirements for access to classified information.DSA is proud to be an Affirmative Action/Equal Opportunity Employer, committed to treating all employees and applicants for employment with respect and dignity and maintaining a workplace that is free from unlawful discrimination. All applicants will be considered for employment without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender (including pregnancy, childbirth, breastfeeding or other related medical conditions), gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, characteristic or membership in any other group protected by federal, state, or local laws. DSA requires background checks, where permitted by law, and is an E-Verify Employer.
#J-18808-Ljbffr
DSA is hiring a Senior Information Security Analyst. This is a full-time position in the DC Area, supporting the Environmental Protection Agency (EPA). DSA has been the Prime contractor for this customer for over 13 years. This dynamic team is passionate about supporting Federal programs that serve US Citizens. The position is hybrid, allowing candidates to work onsite at DSA or the customer site with potential for telework.The Environmental Protection Agency (EPA) Office of Information Security and Privacy (OISP) is responsible for developing and maintaining agency-wide information security and privacy programs, policies, procedures, and control techniques; training personnel with significant information security responsibilities; and assisting senior agency officials with information security and privacy responsibilities.The Senior Information Assurance Analyst will be an integral part of a team responsible for supporting the development and maturation of an Agency-wide information security (InfoSec) program for a large civilian Federal agency. The candidate will serve as a subject matter expert regarding the Risk Management Framework (RMF) and associated information security policies and procedures, possessing in-depth knowledge of applying, selecting, and testing the NIST family of security controls. The candidate will report directly to the program manager and must have strong leadership skills to lead teams, tasks, and projects with limited supervision.Primary Responsibilities:
Advising senior-level stakeholders on InfoSec initiatives including compliance, awareness and training, and security operations.Leading Independent Validation and Verification (IV&V) efforts on security authorization/ATO packages to ensure compliance with agency requirements.Leveraging the existing Governance, Risk, and Compliance (GRC) tool, Telos Xacta (or an alternate like CSAM or RSA Archer), to track and reconcile findings from assessments, audits, and vulnerability scans.Coordinating government data calls (FISMA, FMFIA, BDR, etc.) and monthly reports.Assessing the effectiveness of the InfoSec and privacy training program and leading the collection, analysis, and presentation of enterprise-level InfoSec performance metrics.Managing InfoSec Program POA&Ms, including advising on remediation efforts.Working closely with senior agency security officials, system owners, information system security officers (ISSOs), and other stakeholders to advise and implement security solutions.Identifying opportunities for efficiencies in work processes and innovative approaches.Participating in team problem-solving efforts and offering ideas to solve client issues.Conducting relevant research, data analysis, and developing reports.Preparing and assisting in the development of policy and procedures.Implementing processes and procedures to monitor risk across programs/projects.Preparing briefings to the executive team to debrief the results of studies, analyses, and plans.Assisting client leadership in reviewing monthly project progress, documenting issues, and monitoring resolution.Required Qualifications:
Bachelor's degree in Information Technology or related field and 8 years of relevant IA experience (may substitute security certification, e.g., CISSP, for 2 years of experience).3+ years in a leadership role.Strong data analysis skills.Excellent written and verbal communication skills.In-depth knowledge of applying, selecting, and testing the NIST 800-53 Rev 4 security controls.In-depth knowledge of NIST 800-37 Risk Management Framework.Experience with a Governance, Risk and Compliance tool (e.g., Xacta, RSA Archer, CSAM, or eMASS).Excellent attention to detail.Ability to handle and prioritize multiple tasks and deadlines.Desired Qualifications:
Advanced level cybersecurity certification (e.g., CompTIA CISM, ISC2 CISSP).In-depth knowledge of applying, selecting, and testing the NIST 800-53 Rev 5 security controls.Many of DSA's positions require the ability to obtain a security clearance. Security clearances may only be granted to U.S. citizens. Applicants who accept a conditional offer of employment may be subject to government security investigation(s) and must meet eligibility requirements for access to classified information.DSA is proud to be an Affirmative Action/Equal Opportunity Employer, committed to treating all employees and applicants for employment with respect and dignity and maintaining a workplace that is free from unlawful discrimination. All applicants will be considered for employment without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender (including pregnancy, childbirth, breastfeeding or other related medical conditions), gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, characteristic or membership in any other group protected by federal, state, or local laws. DSA requires background checks, where permitted by law, and is an E-Verify Employer.
#J-18808-Ljbffr