|
|||||
<
/td>
|
Job Description: We are seeking a Sr. Computer Security Analyst for a temp-to-perm position in Rockville, MDAll candidates must be a US Citizen or Greencard holder. Requires a 6 to 8 week background check No candidate can have left the US for more than 30 consecutive days in the last 7 years Standard Job Description: Designs, tests, and implements state-of-the-art secure operating systems, networks, and database products. Conducts risk assessment and provides recommendations for application design. Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access. Uses encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research. May prepare security reports to regulatory agencies. Specific Job Description: CISSP (Certified Information Systems Security Professional) designs, tests, and implements state-of-the-art secure operating systems, networks, and database products. Conducts risk assessment and provides recommendations for application design. Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access. Uses encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research. May prepare security reports to regulatory agencies.Documents, implements, and assesses NIST SP 800-53 security controls for High-sensitivity system. Documents, trains on, tests, and implements Contingency Plans and Incident Response Plans Provides continuous Monitoring activities (e.g. security impact analyses on CRs, routine vulnerability scanning and analysis, establishing patch management program, security alert reviews and tracking, security documentation (e.g. policies, procedures, security plan, risk assessments, etc.) updates, etc.). Required Skills: Must have CISSP or on track to get CISSP within 3 months of hire. Must have direct full-time security professional work experience in security architecture and design, network security, application security, and/or disaster recovery. Must have experience with making decisions and recommendations for secure and compliant system design and the specification and selection of controls and mechanisms (i.e. security solutions, technology, and product selections). Must have effective and concise oral communication and writing skills and be highly experienced in writing security and architectural documents (i.e. Security Categorization, Risk Assessment, Security Plan, Contingency Plan, System Architecture Document, Design Documents, etc.) in compliance with NIST standards and guidance. Must be experienced with NIST Certification and Accreditation process and related guidance and standards (NIST SP 800-37, 800-60, 800-63, 800-30, 800-53, 800-18, 800-34, FIPS 200, FIPS 199, FIPS 140-2, OMB Circulars and Memoranda etc.). Desired Skills: 5 years of direct full-time security professional work experience in security architecture and design, network security, application security, and/or disaster recovery. •CCSP (Cisco Certified Security Professional) •CCNP (Cisco Certified Network Professional) CISSP concentration in ISSAP: Information Systems Security Architecture Professional. Additional security certifications (e.g. CAP, other CISSP concentrations, etc.) Experience with facility and site C&A. Experience with conducting vulnerability scanning and security control testing and assessments.
An Equal Opportunity Employer M/F/D/V |
||||||||||||||
|
||||||||||||||
|
