Come join a company that strives for Extraordinary People and Exceptional Performance! Eagle One Solutions, Inc., a Chenega Professional Services’ company, is looking for a Lead Information Security Analyst to lead and support a large federal IT organization.
The Lead Information Security Analyst will provide information security expertise in support of the Information System Owner (ISO), including planning and execution of security processes within the Systems Engineering Life Cycle (SELC), preparing SELC security documents, ensuring appropriate security controls are applied, providing continuous monitoring during operations, and reviewing and providing recommendations for security policy. This is a highly visible position and will require a self-motivated, well-versed, and knowledgeable candidate to support the organization.
Our company offers employees the opportunity to join a team where there is a robust employee benefits program, management engagement, quality leadership, an atmosphere of teamwork, recognition for performance, and promotion opportunities. We actively strive to channel our highly engaged employee’s knowledge, critical thinking, innovative solutions for our clients.
Responsibilities
- Team Leadership: Supervise and mentor a team of ISAs, providing guidance and support in executing the security mission.
- Threat Research & Intelligence Sharing: Lead efforts to research and analyze emerging information security vulnerabilities and threats. Collaborate with external organizations within the intelligence community and share findings with the enterprise.
- Security Posture Monitoring: Assist the ISO in monitoring the security posture and vulnerability landscape of multiple systems. Report findings to the Information System Security Officer (ISSO) for necessary remediation.
- System Security Management: Serve as a domain expert and improve vulnerability management, security configuration assessment, and penetration testing programs.
- Systems Engineering Life Cycle (SELC) Support: Support the ISO in planning and executing SELC processes, ensuring that appropriate security controls are applied, and perform continuous monitoring.
- Data Protection Planning: Ensure the procedures are followed to safeguard computer files against unauthorized modifications, destruction, or disclosure, and to meet emergency data processing needs.
- Authorization Package Preparation: Assist with the preparation and renewal of Authorization to Operate (ATO) packages and monitor, track, and control Plan of Action and Milestones (POAMs).
- Security Violations Review: Review violations of IT security procedures, providing recommendations for corrective actions.
- Documentation Development: Assist in drafting computer security policies, procedures, and emergency measures, ensuring they are current and effective.
- Data Usage Monitoring: Monitor the use of data files and report findings to the ISO and ISSO to safeguard information integrity.
- System Implementation Coordination: Coordinate the implementation of computer system plans with internal personnel and external vendors.
Qualifications
- 5 years of relevant Federal work experience.
- Bachelor’s degree in information technology or related field.
- Possess valid and current IAM III certification; ISACA Certified Information Security Manager (CISM) preferred.
- Experience in Federal Risk Management Framework (RMF), FISMA, NIST, and Zero Trust Architecture (ZTA).
- Participated in a DOD, Command Cyber Readiness Inspection (CCRI).
- Experience in DISA Security Technical Implementation Guidance (STIG) implementation.
- Experience in DISA ACAS scanning.
- Experience in remediation of DISA cybersecurity findings.
- Excellent written and verbal communication with a commitment to high-quality output.
- Ability to obtain a Public Trust clearance and higher-level clearance as required.
Knowledge, Skills and Abilities:
- Highly organized, with the ability to work efficiently and effectively with others.
- Self-motivated and proactive, both with respect to managing workload and own professional development.
- People oriented, with the ability to remain objective and communicate well with a range of personalities and audiences.
- Detail-oriented.
- Strong written and verbal communication skills.
- Effective communicator in a wide range of audiences and personality types.
- Strategic-oriented, always looking for opportunities for the customer to streamline, gain efficiencies.
- Understanding of Agile/SAFe methodologies, Software Development Life Cycle (SDLC) or Systems Engineering Life Cycle (SELC) processes, and security vulnerability remediation process.
- Computer skills to include but not limited to, skills in operating Microsoft Office software, with emphasis on Word, OneDrive, SharePoint, Excel, Power Point, and Visio; network monitoring, network security, and transaction security.