Job: IT Security Analyst

Jobing Description

IT Security Analyst

Location: District of Columbia State/Province: DC
Duration: Full Time Job ID: HR-11-055
Date Posted: 8/15/2011
Description:

As a member of the team that will be responsible for a variety of Information Assurance Project support; will work in a number of program areas and perform tasks developing, coordinating and documenting plans, procedure, and policies for the Information Assurance Program office to include Security Authorizations (Certification & Accreditation) of systems, and NIST self assessments. The office is tasked with development, promulgation and execution of the IT Security Program for the agency.

Primary Duties:
? Perform security authorizations (Certification and Accreditation) on general support systems (GSS) and major applications (MA) in accordance with FISMA and NIST guidance.
? Prepare security authorization (C&A) documentation including system security plans (SSP), security test & evaluations (ST&E), risk assessment reports (RAR), configuration management plans (CMP), privacy impact assessments (PIA), and security categorization assessments.
? Manage annual FISMA security authorization tasks including planning, notification, evaluation, validation, and report preparation of risk assessments, incident response testing, contingency plan testing.
? Manage the remediation actions taken by the customer to correct assessment findings and develop supporting plan of action and milestone (POA&M) reports.
? Perform minor security evaluations of IT security-related technologies and services.
? Provide recommendations and guidance on the use of IT security-related technologies and configurations.

Secondary Duties:
? Develop and evaluate plans, principles, and procedures for accomplishing customer IT security studies and provide professional analysis of methods and objectives.
? Assist in the collection and examination of security assessment documentation.
Evaluate vital IT security-related technologies and services as required by the client.
? Prepare white papers on current computer-related security technologies.
? Assist with the preparation of new or revising of out-of-date IT security policies.

Required Skills:

? Bachelor?s degree in related field and 5 years specialized experience; without a degree must have 10 years of specialized experience.
? Requires an IT Security related certification, e.g., CISSP, CISA CISM, CAP, GIAC, SSCP or other IT Security related certifications.