C&A Security Specialist
Posting Date:
10/3/2009 Active
Category:
Accounting
Company:
Thomas Security Consultants
Description:
The Security Analyst acts as a lead consultant, interfacing between the customer and the IT security consulting team throughout the federal information system certification and accreditation lifecycle process. The ideal candidate is very detail-oriented, with strong written and oral communication skills. He/she will be responsible for planning, developing, finalizing, and reviewing key deliverables in each stage of the certification and accreditation process. As a result, a strong understanding of standards and requirements outlined by FISMA, NIST, OMB and others is required. The Systems Security Analyst will be actively engaged in identifying unique system characteristics, interviewing key organizational personnel (technical, administrative, and executive), working with the consulting team to compose requisite documentation (security categorizations, risk assessments, contingency planning, etc.), and mapping complex technical requirements, functionality, and capabilities to prescribed security controls, policies, and practices. This position has excellent career growth potential.

The ideal candidate will:
• Work face-to-face with multiple stakeholders interviewing, planning, or participating in a team effort to bring multiple complex projects to fruition in a highly motivated, fast-paced environment.
• Develop certification and accreditation documents including:
  o Security Categorization
  o Risk Assessment
  o System Security Plan
  o Contingency Plan
  o System Test and Evaluation (ST&E)
• Provide ongoing gap analysis of current policies, practices, and procedures as they relate to established guidelines outlined by NIST, OMB, FISMA, etc.
• Conduct in-depth technical reviews of new and existing IT systems in order to identify the appropriate mitigation strategies required to bring these systems into compliance with established policy and industry guidelines.
• Analyze business models, workflows, and organizational dimensions as they relate to the design, implementation and support of the information system.

The ideal candidate will have experience equal to one or more of the following:
Qualifications:
• Must be able to obtain a Security Clearance
• Knowledge of IT security architecture and design (firewalls, Intrusion Detection Systems, Virtual Private Networking, and virus protection technologies -- behavioral based a plus).
• Knowledge of LAN/WAN design and general internetworking technologies. Hands-on experience a plus.
• Knowledge of Windows and Unix operating systems.
• One or more of the following certifications preferred: CISSP, CISM, CISA, MCSE 2000/2003, CCNA, CCNP, CCDP, and/or CCSP.

Functional Responsibilities:
Responsible for the development of security artifacts across multiple IT platforms, including: Mainframe, Client Server, and Web-based systems. Possesses an understanding of capabilities associated with the security monitoring products across all IT platforms. Ensures that the policies reflect current standards in place including FISMA and other industry standards. Monitors compliance and conducts periodic reviews of policies.

Minimum Education:
BA/BS degree or 5 years of additional equivalent experience in engineering, information systems, computer science, or related fields.
Type:
Full Time
Job Location:
DC-Suburbs Rockville, MD
Job Number:
N/A
Project Length:
perm
Positions:
3 openings
Travel Required:
none
Compensation:
46,000 to 50,000