GovernmentCIO

Security Analyst

US-DC-Washington DC
5 days ago
Job ID
2017-1133
# of Openings
1
Category
Information Technology

Overview

GovernmetnCIO CIO is looking for a security analyst to join the team  and provide support needed to provide the technical services, operations and maintenance support, user training, user support and related consulting services to maintain SOL’s various IT Application Systems

Responsibilities

The scope of work is to:

  • Provide professional and technical services specified herein in direct support of law office functions, support of the investigations and litigation in SOL’s divisions and offices and in the various offices of SOL’s client agencies on an as-needed basis, and in support of the administrative management and financial planning and execution services provided by MALS.
  • Provide the necessary operations and maintenance support, technical services support , user training and user support related to the upgrade and maintenance of SOL’s various IT Application Systems, including those systems providing case management, time tracking and other management tracking and reporting, within the SOL Legal Technology Systems (LTS) Initiative. This includes the Matter Management System, Evidence Management Initiative, Asset Management and Reporting, bankruptcy notification database, among others.
  • Conduct assessments of security controls based on the National Institute of Standards and Technology (NIST) guidance found in special publications SP 800-53 and 53A.
  • Apply the NIST Risk Management Framework as described in SP 800-37 to identify and mitigate information security risks.
  • Performing internal vulnerability and risk assessments of IT systems and procedures.
  • Analysis of vulnerability assessments reports including scan reports produced by tools such as Nessus, WebInspect, AppScan and BigFix.
  • Analyze customer processes and configurations to verify that previously identified flaws have been corrected, and document the results.
  • Maintain documentation and reports as part of a Plan of Action and Milestones (POA&M) to support vulnerability remediation efforts.
  • Provide up-to-date reports on project and task progress, and centrally track, in a timely fashion, incoming and existing work items.
  • Prepare reports by collecting, analyzing, and summarizing information in response to departmental data calls.
  • Interface with system administrators groups and individuals to resolve security issues related to implementation of compliance recommendations.
  • Develop remediation reports and recommendations for compliance and security improvements based on changing threats.
  • Clearly articulate technical requirements and other information in written documentation.
  • Communicates well with customer technical staff and management.
  • Follow existing processes and procedures, and propose updates to such. Develop new processes and procedures as necessary.
  • Able to work with supervision, set priorities, and give attention to detail and quality in an Agile environment.
  • Update CA Technologies Rally Tool on a daily basis with all user stories, tasks, and hours
  • Demonstrate strong organizational and time-management skills: multitasking, working individually and with a team, having a positive attitude, being self-motivated and reliable, being trustworthy, having strong interpersonal and diplomatic skills, and being able to handle multiple priorities in a professional manner.
  • Be proficient with Microsoft Office, especially Excel, PowerPoint and Word.

Qualifications

 

  • Bachelor’s degree in Information Assurance, Computer Science, Information Technology, Management Information Systems or Equivalent.
  • Must have entry level knowledge or greater on IT Security.
  • Have knowledge of application based security mechanisms and network architecture and design (e.g., firewalls, intrusion detection systems, virtual private networking, virus protection technologies, and LAN/WAN design).
  • Understanding of risk management practices and security program development including change management, access control, and physical security.
  • Basic understanding of the NIST Special Publications (SP) with emphasis on 800-37, 800-53, 800-53A
  • Demonstrates technical skills in one or more focus areas (i.e. networking, messaging support (Exchange), Active Directory, system administration)
  • MS Word, PowerPoint, Excel, CA Technologies Rally Agile Tool, SharePoint, SQL Reporting Services
  • 2-4 years of experience

 

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed