Job Title: Senior Information Security Analyst (Multiple Openings)
Experience Level: Mid/Senior Level
Location: Sterling, VA
Clearance: Secret (Minimum)
Summit Brand Protection, INC (www.summitbrandprotection.com) seeking Senior InfoSec Analysts to work as part of a team in support of an ongoing project in Sterling, VA.
Job Description and Responsibilities:
SBP is seeking client-oriented Senior Information Security Professionals. Cyber Security and Information Security Analysts will implement security and compliance-based security controls to a system of networks. The ideal candidate must have significant hands on experience in tools such as Nessus/Security Center, Splunk, Kali, DBProtect, Colbalt Strike, and have working knowledge of OS such as Windows and Linux.
Security Analysts must be able to develop and deliver security engineering, vulnerability management, and security infrastructure solutions; as well as maintain strict accreditation and certification standards. Further duties include creating security plans and documentation. Analysts will perform security incident/preliminary inquiries and analyze security incident reports to identify the cause and ensure corrective actions are properly implemented. Responsible for developing security authorization packages which may include: system security plans, security assessment reports, POA&M summaries and a monitoring plan/assessment schedule. Senior Information Security Analysts will provide executive level briefings with their finished intelligence products. They will also be responsible with engineering, implementing, deploying, and maintaining commercial and/or open source products. Main responsibilities will be to identify and elevate ongoing threats. Employee will assist technical and user personnel in identifying issues and devising feasible solutions to ensure continuity of operation. Knowledge of the process for conducting annual INFOSEC Program Reviews is critical. Analysts will function as a call center analyst identifying attempted security breaches and/or other types of security events.
- Must have Secret U.S Government Issued Clearance (Minimum)
- Must have working knowledge of OS Windows and Linux
- Must have hands-on experience with the following tools: Nessus/Security Center, Splunk, Kali, DBProtect, Colbalt Strike
- Ten (10) or more years of relevant experience in an associated field and a bachelor’s degree. Preferred, a degree in Computer Science, Information Systems, Engineering, Business, Physical Science, or other technology. OR
Relevant experience within designated field of Computer Science, Information Systems, Info systems Engineering, info sec analysis, or other system security and info sec technology field.
- Must have experience in the following core competencies: cybersecurity, information security engineering, vulnerability management, security standards, intelligence analysis, patch management, classified communications, certifications/accreditations, incident response, executive-level presentations and risk response.
- Able to integrate as a team of information security analysts and engineers in a cybersecurity environment with 24/7 support and response.
- Able to oversees, evaluates, and supports the documentation, validation, and accreditation processes necessary to assure that IT systems meet the organization’s IT requirements; and ensures compliance from internal and external threats.
- Provided guidance and technical support to end users for security-related, media documentation, and classified-to-unclassified data movement matters.
- Developed system security plans and documentation, contributing to a satisfactory score on inspection to establish compliance with the Federal Information Security Management Act (FISMA).
- Relevant experience as an Information systems security officer, or program manager in support of IT management and systems security, program manager/IT security specialist, or information security analyst.
- Experience in or certification for Information System Security, Cyber Security, Computer Forensics, Insider threat, Penetration Testing, Malware Analysis or Certification and Accreditation in these fields.
- Have a technical background and have used or have certification for the following tools: SEIM tools, Splunk, Digital Guardian, Innerview, IDS, Firewalls, Pen Testing, Server and Switch maintenance,
- Experience and knowledge in network monitoring and intrusion detection using host based and network-based IDS and log management applications.
- Experience installing, testing, patching and upgrading computer hardware and operating systems (Windows and Unix).
- Experience using Tenable (Nessus, Security Center, LCE, NNM), Kali Linux, WebInspect, Nmap/ Zenmap, ZAP, Burp Suite, Nipper, GFI LANguard, Splunk Enterprise & Splunk Enterprise Security and Cobalt Strike.
- Familiar with the following Languages: HTML, CSS, Windows batch scripts, Linux shell scripts and PowerShell.
- Knowledge of FISMA, NIST and ASCLD requirements and accreditation.
- Must be able to work independently with some government oversight and function effectively as part of a team in a joint working environment.
- Provide thorough and completed products that require minor revisions and/or editing.
Send resumes directly to: firstname.lastname@example.org
Summit Brand Protection was founded by former federal law enforcement professionals from the U.S. Department of Homeland Security. Our management team possesses over 75 years of federal criminal investigative experience, business acumen, and military service. The firm is veteran-owned and dedicated to providing expert investigative and consultant services. Our firm’s unique expertise centers on assessing risk and performing vulnerability studies on events and/or situations that affect business growth, profitability, and value. We pride ourselves on applying real world solutions. Our team focuses on applying these skills to deliver a quality service and product that meets our client’s budget and time constraints.
Come visit us at www.summitbrandprotection.com