Junior Security Analyst

Join to apply for the Junior Security Analyst role at Jobs via Dice
.

The Junior Security Analyst will oversee, evaluate, and support the documentation, validation, and accreditation processes necessary to assure that IT systems meet the organization’s security requirements:

• Respond to crisis or urgent situations within the system to mitigate immediate and potential threats.
• Use mitigation, preparedness, and response and recovery approaches, as needed, to maximize information security.
• Ensure appropriate treatment of risk, compliance, and assurance from internal and external perspectives.
• Provide security advice and recommendations to leadership and staff based on NIST and FIPS guidelines.
• Analyze system security assessment reports.
• Develop estimates of the security risks associated with deployment of new technologies.
• Use defensive measures and information collected from a variety of sources to identify, analyze, and report events.

Compensation is anywhere from 40k to 60k salaried based on experience.

• CompTIA Security + certification.
• A bachelor's degree in information technology systems, computer science, or a related field and experience in information technology systems or a related area.
• At least 3 years of information security experience, including documenting system security controls in place to support the Assessment and Authorization processes.
• 1-2 years of professional experience supporting information security/assurance programs, policies, processes, and operational procedures per various standard security frameworks/laws/standards/directives, e.g.: FISMA; OMB directives;
  Presidential Directives; NIST (SP-800 series; FIPS); HIPAA of 1996;
  Privacy Act;
  FedRAMP.
• Experience using Nessus, AIDE, Windows, Linux/RHEL.
• Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
• Hands on experience analyzing requirements and writing to security control implementation language.
• Experience in with identifying and collecting required security control artifacts.
• Comprehensive knowledge of the FISMA, HIPAA laws and Privacy Act of 1974.
• Experience writing System Security Plans using-depth knowledge of the NIST 800-53 security control requirements and standard methods for implementing security controls.
• Understanding of risk assessment and risk management concepts, including POA&M support.
• Practical knowledge of IT System contingency planning and incident response.
• Good understanding of continuous monitoring and continuous authorization concepts.
• Good understanding of protection of PII and PIA concepts.
• Expert use of MS Office, especially Word, PowerPoint, and Outlook.
• Good ability to articulate technical concepts, especially in the audit review process.

• Mid-Senior level

• Full-time

• Information Technology

• Software Development