Second Menu

Friday, June 24, 2016

Cyber Security Analyst || Fort Collins, CO || 6+ Months Contract || Phone + Skype

Job Title

Cyber Security Analyst (Jr. , Mid level and Sr. positions)

Project Location

Fort Collins, CO

Duration

6+ Months Contract

 

Interview Process: - Phone + Skype

Visa: Any

 

Job Description

 

Cyber Security Analyst

Introduction

Heartland Technology Group seeks a cyber security analyst to join a team of security architects and analysts supporting multiple government web applications to acquire and maintain their ATO and implement information system continuous monitoring. This position requires attendance in the Fort Collins, CO office. It also requires the candidate for this position pass the background check for clearance: ability to attain Federal Government Position of Trust.

Responsibilities

This role will provide oversight, expertise, technical security strategy, standards, and best practices for multiple programs with various security categorizations (low, moderate and high). Ensures preventive, auditing, testing, and reactive measures are being adequately implemented for systems with an active Authorization to Operate (ATO). Provides oversight and recommendations for best business practice based on Federal and ISO guidelines. Providing technical support, testing teams, and documentation generation, reviews and updates. Ensures new and updated security requirements are reviewed, tested and implemented within the project plan timelines. Controls and tracks the preparation of security standards, policies, and procedures. The qualified candidate is expected to be a subject matter expert on enterprise security topics, federal standards, covering web applications, databases and software development.

Duties

-          Review and verify policies and procedures are developed in line with all applicable federal and LOC security standards and regulations.

-          Maintain, track, and communicate detailed project tasks.

-          Manage initial and reauthorization System Assessment and Authorization (SAA)/ Security Controls Assessment (SCA) task and milestone, task dependencies for low, moderate, and high security systems.

-          Ensure document deliverables are created, reviewed, and/or updated to include, by not limited to, Privacy Threshold Assessment (PTA)/ Privacy Impact Analysis (PIA), Business Impact Assessment (BIA), Contingency Plans (CP), Configuration Management Plan (CMP), Change Management Plans, Incident Response Plans (IRP), Plan of Action and Milestones (POA&Ms), Security Assessment Reports (SAR), Memorandum of Understanding / Interconnection Security Agreement (ISA) and other documents as necessary.

-          Categorize and determine baseline IT security requirements in accordance with FIPS 199.

-          Identify and visually demonstrate system boundaries, select security controls, and ensure implemented controls are adequate for COTS or proprietary web applications. Provide recommendations as necessary to meet or improve controls.

-          Ensure security policies are developed, maintained and updated to meet IT security best business practices and standards, which may include ISO 27001, Federal Info Security Management Act (FISMA), and National Institute of Standards and Technology (NIST) 800-53 – ITL and FIPS federal info processing standard; plus, ITIL – Information Technology Infrastructure Library – practices for IT service management .

-          Be able to review security scans, triage vulnerabilities, and be able to provide recommendations on mitigating security risks.

-          Review hosting, security, and audit compliance to current LOC policies, provide quality assurance (QA) reviews.

-          Assist testing teams as necessary with coordinating with developers and operations staff to provide evidence as necessary.

-          Assists in documenting and managing artifacts in SharePoint and CSAM security repositories.

-          Assists Information Systems Security Managers (ISSMs) in generating ATO package and continuous monitoring artifacts.

-          Must evaluate business strategies and requirements to develop security strategies, assess risk, research standards, and determine security requirements as necessary.

Required Skills:

-          5+ years experience in an enterprise security role.

-          Extensive experience with Web Application Security – able to identify, confirm, and remediate vulnerabilities.

-          Broad knowledge of security best practices and compliance requirements

o    Knowledge of Risk Management Framework.

o    Knowledge of NIST, FISMA, and other applicable guidance.

-          Knowledge of Intrusion Detection concepts and applications.

-          Experience with cloud architecture and security.

-          Knowledge of various network technologies (routing, switching, load balancing, etc.).

-          Excellent organizational and communication skills are mandatory for various stakeholder audiences.

-          Experience collaboratively establishing secure configuration baselines for technologies.

-          Experience securing Oracle database suites or MS SQL databases.

-          Experience designing/reviewing architectures for adequate security such as secure authentication methods.

-          Knowledge or experience with conducting Assessment and Authorization (A&A) following NIST guidelines.

-          Knowledge or experience developing security documentation and conducting reviews for A&A packages, including but not limited to writing implementation statements.

-          Awareness of the diagnostic and mitigation aspects of Information Security Continuous Monitoring.

Desired Skills:

-          Technical and user experience with Atlassian suite of products, including, but not limited to, JIRA, Confluence, or Bamboo.

-          Experience with secure coding best practices.

-          Experience implementing and assessing security controls in appropriate information systems.

-          Determine agency-level risk to the mission or business case.

-          Experience with enterprise Identity Management technologies and implementation.

Educational & Certification Requirements

·         Bachelor degree in computer science, or 8 years of equivalent job experience in IT or computer science.

 

Thanks & Regards,

Udbhav Mathur

Talent Acquisition Specialist

TEKshapers Inc.

Email:- umathur@tekshapers.com

Gtalk: udbhav.intime

Tekshapers Inc. – WMBE Firm

1441 E. Maple Rd, Suite # 301, Troy, MI 48083 

http://www.tekshapers.com

Certification: WMBE Certified | E-Verified Company | ISO 9001:2008

--
You received this message because you are subscribed to the Google Groups "Entry level IT Jobs in US + H1B visa sponsor" group.
To unsubscribe from this group and stop receiving emails from it, send an email to entry-level-it-jobs-in-us-h1b-visa-sponsor+unsubscribe@googlegroups.com.
To post to this group, send email to entry-level-it-jobs-in-us-h1b-visa-sponsor@googlegroups.com.
Visit this group at https://groups.google.com/group/entry-level-it-jobs-in-us-h1b-visa-sponsor.
For more options, visit https://groups.google.com/d/optout.
at

No comments:

Post a Comment