Information Systems Security Analyst (Secret Clearance Required)

Job Description

This role is structured as an initial 6-month contract engagement. It requires an active Secret clearance and the ability to work on-site Monday-Friday. Please only apply if you meet these minimum requirements.

This role is responsible for ensuring the security and integrity of the XE1-LAN environment and supporting the maintenance of the Authorization to Operate (ATO). The role will implement, monitor, and enforce security policies and procedures to protect sensitive information and systems from unauthorized access, use, or disruption.

Job Profile Tasks/Responsibilities

• Support team members with the execution of the core tasks and responsibilities, listed in the Job Profile Task/Responsibilities under guided supervision.
• Develop and maintain a system-level Plan of Action and Milestones (POA&M)
• Perform basic analyses to validate established security requirements and may recommend additional security requirements and safeguards
• Maintain operational security posture to ensure information systems security policies, standards, and procedures are established and followed.
• Manage the operation of a continuous monitoring program, developing, updating, and maintaining system security documentation and implementing security policies and procedures to support continuous monitoring.
• Implement policy and processes into continuous monitoring to maintain the system ATO.
• Coordinate security remediation activities, schedules, and milestones with stakeholders, establish risk and mitigation strategies, and communicate status.
• Monitor networks for threats and vulnerabilities and respond to computer events and alerts.
• Develop, update, and review Risk Management Framework (RMF) documentation to include Security Plans, Implementation Plans, Plans of Action and Milestones (POA&Ms), and Risk Assessment Reports.
• Assess system compliance against NIST and DoD security requirements to include the NIST 800-53 controls and DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs); produce evidence to support compliance status of NIST and DoD security requirements.
• Maintain professional demeanor and behavior at all times in all forms of communication.
• Perform other duties as assigned by the manager.
  

Minimum Education/Qualifications

• Typically, three years of experience in a Cybersecurity role is required.
• Security Certification.
• Basic understanding of cybersecurity principles and tools.
• Familiarity with networking concepts and security protocols.
• Knowledge of Windows (server and desktop) operating systems.
• Knowledge of Risk Management Framework (RMF) and the NIST 800-53 control set.
• Knowledge of auditing and implementing Security Technical Implementation Guides (STIGs) and Security Requirement Guides (SRGs).
• Experience with eMASS, SCAP and STIGviewer.
• Knowledge of applying patches in an air-gapped system.
  

Company Description

PROTEK Consulting is a Woman-Owned Small Business led by an experienced team of industry veterans. Together, we make impeccable candidate-to-job matches delivering the right fit for our clients, every time. We work tirelessly in pursuit of the perfect match for our clients, with the ultimate goal of becoming one of their strategic business partners. We value and strive for a long-term relationship not short-term gain. We put our client’s interest in front of our own. We work really hard to understand our client’s underlying interests not just surface “wants”. We are genuinely passionate and enthusiastic about connecting our clients with the perfect match.

PROTEK Consulting is a Woman-Owned Small Business led by an experienced team of industry veterans. Together, we make impeccable candidate-to-job matches delivering the right fit for our clients, every time. We work tirelessly in pursuit of the perfect match for our clients, with the ultimate goal of becoming one of their strategic business partners. We value and strive for a long-term relationship not short-term gain. We put our client’s interest in front of our own. We work really hard to understand our client’s underlying interests not just surface “wants”. We are genuinely passionate and enthusiastic about connecting our clients with the perfect match.