×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security IT Consultant

Senior Information Security Analyst

Job in Fairfax, Fairfax County, Virginia, 22032, USA
Listing for: DSA Inc.
Full Time position
Listed on 2026-01-12
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Consultant
Salary/Wage Range or Industry Benchmark: 100000 - 125000 USD Yearly USD 100000.00 125000.00 YEAR
Job Description & How to Apply Below

DSA is hiring a Senior Information Security Analyst. This is a full‑time position supporting a customer in the DC Metro area with a HYBRID Schedule. This position supports the Environmental Protection Agency (EPA). DSA is the Prime and has been working with this customer on this contract for more than 13 years. It is a dynamic team with a passion for supporting Federal programs that serve U.S. citizens.

Location is Hybrid:
Allows the candidate the ability to work onsite at DSA or customer site with potential for telework. DSA work locations include Fairfax, VA.

Work Location is flexible with telework as approved. The ability to work onsite each week is required. Core work hours dedicated to DSA and our direct customers are 8 am est to 5 pm est.

The Environmental Protection Agency (EPA) Office of Information Security and Privacy (OISP) is responsible for developing and maintaining agency-wide information security and privacy programs; developing and maintaining information security and privacy policies, procedures, and control techniques; training personnel with significant information security responsibilities and assisting senior agency officials with information security and privacy responsibilities.

The Senior Information Security Analyst will be an integral part of a team responsible for supporting the development and maturation of an Agency-wide information security (Info Sec) program for a large civilian Federal agency. The candidate will serve as a subject matter expert with regards to the Risk Management Framework (RMF) and all associated information security policies and procedures and should possess in-depth knowledge of applying, selecting and testing the NIST family of security controls.

Primary

Responsibilities
  • Advising senior-level stakeholders on Info Sec initiatives including compliance, awareness and training, and security operations.
  • Leading Independent Validation and Verification (IV&V) efforts on security authorization/ATO packages to ensure compliance with agency requirements.
  • Leveraging the existing Governance, Risk, and Compliance (GRC) tool, Telos Xacta (or an alternate like CSAM or RSA Archer), to track and reconcile findings from assessments, audits, and vulnerability scans.
  • Coordinating government data calls (FISMA, FMFIA, BDR, etc.) and monthly reports.
  • Assessing the effectiveness of the Info Sec and privacy training program and leading the collection, analyzing, and presentation of enterprise-level Info Sec performance metrics.
  • Managing Info Sec Program POA&Ms, including advising on remediation efforts.
  • Working closely with senior agency security officials, system owners, information system security officers (ISSOs) and other stakeholders to advise and implement security solutions.
  • Identify opportunities for efficiencies in work process and innovative approaches.
  • Participating in team problem solving efforts and offer ideas to solve client issues.
  • Conducting relevant research, data analysis, and developing reports.
  • Preparing and assisting in the development of policy and procedures.
  • Implementing processes and procedures to monitor risk across programs / projects.
  • Preparing briefings to the executive team to debrief the results of studies, analyses, and plans.
  • Assisting the client leadership in reviewing monthly project progress, documenting issues, and monitoring resolution.
Required Qualifications
  • Ability to obtain a Public Trust.
  • Bachelor's degree in information technology or related field and 8 years of relevant IA experience. May substitute security certification (e.g. CISSP) for 2 years of experience.
  • 3+ years in a leadership role
  • Strong data analysis skills.
  • Excellent written and verbal communication skills.
  • Possess in-depth knowledge of applying, selecting and testing the NIST 800-53 Rev 4 security controls.
  • Possess in-depth knowledge of NIST 800-37 Risk Management Framework.
  • Experience with a Governance, Risk and Compliance tool (e.g., Xacta, RSA Archer, CSAM or eMASS).
  • Excellent attention to detail.
  • Ability to handle and prioritize multiple tasks and deadlines.
Desired Qualifications
  • Advanced level cybersecurity certification (e.g., CompTIA CISM, ISC2 CISSP)
  • In-depth knowledge of…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search