Information Security Analyst

Overview

Global in service but local in approach, Nisga'a Tek is committed to high-quality service to those who defend us. Nisga'a Tek ensures mission assurance and execution for customers and warfighters. Providing intelligence, IT, cyber security, training, logistics, administrative, acquisition, and background investigation services.

Summary

Nisga'a Tek is looking for an Information Security Analyst to provide onsite support for our government customer located in the Washington DC Metro Area. The Security Analyst shall provide Cybersecurity services in support of the C5ISC Engineering Services Division (ESD) Information Assurance Branch (IAB). The Security Analyst shall act as the Information Systems Security Officer and shall provide cybersecurity audits, reviews and recommendations to assist the customer in maintaining accreditation for network and enterprise system as designated.

Responsibilities

Essential Job Functions

• Prepare and maintain correct, thorough, and timely inputs to accreditation packages and critical documents that stipulate concepts, requirements, continuity, and contingency to include, System Security Plan (SSP), Security Risk Analysis (SRA), and all critical requirement documents, artifacts in accordance with current network accreditation processes.
• Provide analyses and decision support information for the CGCyber A&A to make system/network risk management determinations for an Authorization to Operate (ATO).
• Maintain the continuous monitoring process and ensure all systems are compliant with DOD and USCG security guidelines, and DISA Security Technical Implementation Guides (STIG).
• Provide draft inputs to security policies and guidance, based on Government requirements and industry best practices, to ensure CG practices are in compliance with DOD/USCG policy directives.
• Provide artifacts and information required for audits and inspections.
• Develop and maintain matrices to track and analyze trends in IA readiness and compliance.
• Manage and track all Plan of Action and Milestones (POA&Ms) created by the organization to address identified weaknesses, vulnerabilities, and audit/assessment findings from creation to closure.
• Coordinate with other organizations as needed in the processing and management of the POA&Ms.
• This includes validation of POA&M content submitted by the area of responsibility (AOR) for weakness remediation; ensuring POA&Ms are submitted via proper channels; providing reports and status tracking of remediation efforts; work with the AOR as needed to ensure items are completed in a timely manner and to gather appropriate artifacts for closure; and identifying POA&Ms that will need waivers or risk acceptance.
• Utilize DOD/ USCG and industry-standard security practices and policies to conduct detailed vulnerability assessments and implement recommended security safeguards to protect all CG IT assets.
• Coordinate and implement Information Operations Conditions (INFOCON) measures as necessary.
• Utilize tools and tracking mechanisms that shall automate reporting and data collection of Information Security (INFOSEC) associated vulnerabilities.
• The Contractor shall submit findings and recommendations to the ISSO as requested.
• Provide continuous monitoring of all C5ISC enterprise-managed assets.
• The continuous monitoring process shall ensure all systems are compliant with DOD and USCG security guidelines.
• Coordinate and maintain the DHS’ and DOD’s vulnerability database accounts.
• Coordinate with ISSOs to advise and facilitate resolution of all IA and INFOSEC issues.
• Review system audit records and intrusion detection data to assist ISSOs in identifying security incidents.
  
  

Qualifications

Necessary Skills and Knowledge

• Strong understanding of security protocols, encryption, and authentication technologies.
• Familiarity with compliance standards and regulations.
• Excellent problem-solving and analytical skills.
• Strong communication and interpersonal skills.
  
  

Minimum Qualification

• Completed experience, training and maintenance of IAM Level I certification required.
• Minimum 3 years of experience in an Information Security Analyst or ISSO.
• Active SECRET security clearance.
  
  

Preferred Qualification

• Bachelor's degree in a related field.
• Preferred 3 years of experience in at least one of the following toolsets: ACAS, HBSS and/or eMass.
  
  

Pay And Benefits

At Goldbelt, we value and reward our team's dedication and hard work. We provide a competitive base salary commensurate with your qualifications and experience. As an employee, you'll enjoy a comprehensive benefits package, including medical, dental, and vision insurance, a 401(k) plan with company matching, tax-deferred savings options, supplementary benefits, paid time off, and professional development opportunities.