Senior Security Analyst

NetStar-1 is currently seeking a Senior Security Analyst.  The Technical  Analyst position within NetStar-1's delivery organization provides security documentation  development and information assurance expertise in the delivery of security support services. This position provides certification and accreditation (C&A) documentation development, test results review, coordination and support of FISMA and FISCAM audits, and development of various data call responses. The primary objective of this position is to provide technically proficient development of high quality information security deliverables.

 

Applicant (s) selected will be subject to a government security investigation and must meet eligibility requirements for access to classified and/or sensitive information or systems.

 

Major Duties and Responsibilities

n  Performing security services as part of NetStar-1's programs, which may include policy, procedures, security awareness, and other security related documentation  development and services such as FISMA Compliancy, Risk Assessments,  Authority to Operate (C&A) certification, MOU/ISA generation, security test results analysis, audit coordination, technical documentation/deliverable development, data call synthesis and compilation, and other administrative/operational tasks as assigned by client.  60%

 

n  Maintaining deliverable quality and accuracy. 15%

 

n  Communicating and coordinating with various stakeholders, technical staff, and system

owners to deliver on-time and consistently high quality work products. 15%

 

n  Participating in security group development efforts to standardize process and

methodology for a specific set of solutions.  5%

 

n  Maintaining working knowledge of federal and Department of Labor security policy,

  standards, regulations, and best practices to enable incorporation into work products. 5%

Education/Qualification Required

nRequires a Bachelor's degree, or equivalent training, in a related field.

nSecurity  specific, industry-recognized, and (preferably vendor neutral) specialist certifications are a benefit.

Experience

nMinimum 5 years of related experience.

nSkills and Core Competencies

n  Strong communication skills are required.

 

 n Excellent documentation skills are required.

n  Ability to work independently or as part of a team ensuring accurate communications.

n  A high level of integrity and trust.

n  Knowledge of security hardware and software products that comply with current industry standards.

n  Ability to review and document security test tool outputs

n  Knowledge and understanding of security-related federal regulations, standards and best practices

n  Actively seeks better ways to add value to the business.

n  Responsible for quality deliverables.

 n Strong report writing skills and ability to interpret data is required.

n  Demonstrates a strong understanding of NetStar-1 processes and an expert understanding of its products.

Project Specific Requirements

This position requires considerable knowledge of Federal Information Security statutes, regulations, and guidelines, including FISMA, Clinger-Cohen, and the Privacy Act.  The position also requires substantial knowledge of information security guidelines issued by the National Institute of Standards and Technology, and experience applying these guidelines in the certification and accreditation of complex information systems, preferably in the Federal environment.

 

The Senior Security Engineer must also have extensive experience in the development, documentation, and implementation of information security policies, processes, and procedures, and must possess the interpersonal skills necessary to negotiate such policies, processes, and procedures with customer groups inclined to resist their implementation.  The position requires the ability to drive projects to completion despite customer resistance, and to negotiate complex and variable political environments.

This position requires working knowledge of, and experience with large enterprise networks; firewalls, routers, and intrusion detection systems; Windows-based workstations and servers; UNIX; anti-virus and anti-spam software; database technologies; and web technologies.  The Senior Security Engineer should also have a Bachelor’s degree in Information Systems, Computer Science, or a related field and at least 5-7 years of relevant experience.  Advanced degrees and industry certifications such as CISSP, CCSP, and PMP would be a significant advantage.