Sorry, this listing is no longer accepting applications. Don’t worry, we have more awesome opportunities and internships for you.

Sr. Security Analyst

A

Aptive Resources

Sr. Security Analyst

National
Full Time
Paid
Similar Jobs
  • Responsibilities

    Aptive is seeking a Security Analyst, Sr., to support a Department of Veterans Affairs (VA) client.

    The candidate must pass a National Agency Check (NAC) covering the past 7 years to obtain a VA Tier 4 ‘High Risk' BI Public Trust clearance as well be able to obtain or currently possess a DoD Secret clearance.

    Requires U.S. Citizenship. This is a remote position that can be performed anywhere in the U.S.

    The chosen candidate will be part of a team providing Enterprise Security Architecture (ESA) technical support services that accommodate VA's scope, size and complexity, including enterprise architecture, emerging technologies, networks and mobile, in specialized areas like healthcare, specialized medical devices, cybersecurity, IT Modernization and large scale architecture.

    We are seeking specialized technical and security expertise of new technologies that VA is introducing, including merging of Electronic Health Records (EHR), cloud computing, Application Programming Interfaces (APIs), specialized networks (i.e., software and security perimeter and defined networks) Internet of Things (IoT), analytic ecosystems and medical devices. The candidate should have demonstrated expertise in IT, communications, systems architecture, engineering and integration; along with the ability to apply this expertise across a broad portfolio of IT systems, software and infrastructure solutions. JOB SUMMARY:

    The Security Analyst, Sr., will effectively leverage detailed knowledge and familiarity with security discipline with a strong focus on conforming to an Enterprise level architectural framework. The Security Analyst, Sr., should have thorough knowledge of security principles, concepts, policy and regulations and be able to pinpoint risks in security systems and work with technical experts to remediate security issues. The Security Analyst, Sr., will identify key concepts, factors and risks, based on various methods of research and customer interactions, and will document these in clear and concise narrative or graphical representations.

    PRIMARY RESPONSIBILITIES:

    • Support implementation of information security engineering from establishing stakeholder security requirements, design, implementation and validation to sustainment. Support planning and coordination of test plans, remediation and mitigation strategies.
    • Assist in planning and strategies for incident management, cybersecurity vulnerability assessment, continuous monitoring, configuration management, change management, risk assessments, system impact assessments, identity and access management (IAM).
    • Support development of ESA artifacts based on the ESA Roadmap.
    • Develop, review and assess system level architectures for security flaws or gaps.
    • Support adoption of the ESA roadmap by crafting standards, guidelines, and design patterns that follow the ESA mission and various security frameworks (e.g., CSF, CGS, SABSA).
    • Interface with key stakeholders within the various product and Security teams.
    • Review existing system-specific Security Assessment Plan (SAP), Risk Assessment Report (RAR), Plan of Action and Milestones (POA&M), System Security Plans (SSP), Application Security and Development Checklists and other artifacts supporting DoD and VA software and system assessment and authorization.

    REQUIRED QUALIFICATIONS:

    • Master's degree or higher in computer science, electronics engineering or other engineering or technical discipline and 5 years relevant experience. 10 years of additional relevant experience may be substituted for education.
    • VA or other Federal Government experience required.
    • Candidate must pass a National Agency Check (NAC) covering the past 7 years to obtain a VA High/BI Public Trust clearance.
    • Expert-level knowledge of FISMA, NIST RMF and NIST SP 800-series publications.
    • Exposure to Software Development Lifecycle (SDLC) and related terminology as it relates to Information Security/Information Assurance.
    • Significant experience with applying specific Security and Enterprise Architecture frameworks, standards and best practices to design and build a Security Architecture.
    • Firm understanding of Governance, Risk and Compliance (GRC) concepts, platforms and tools.
    • Experience with Certification and Accreditation (C&A)/ Security Assessment and Authorization (SA&A), Information Security Systems Risk Assessment and IT Risk Management processes and practices.
    • Familiarity with NSA Community Gold Standard.

    DESIRED QUALIFICATIONS:

    • CISSP.
    • Familiar with creating security diagram overlays and updates, determining security requirements and security mitigation implementation.
    • Vulnerability and Patch Management: Experienced in Asset Management, Vulnerability Scanning (Tenable Nessus, Hailstorm, AppDetective), Vulnerability Remediation (BigFix, SCCM), Secure Configurations support (i.e. DISA STIGS) and Security Advisory notifications.
    • Familiarity with VA operating environments is a plus.
    • Knowledge of and analytical skill in researching relevant Federal Government and VA Laws, Regulations, Policies and Directives (LRPDs) in support of building an Enterprise Security Architecture.
    • Familiar with Security Information and Event Management (SIEM) and Continuous Diagnostics and Monitoring/Mitigation tools.

    EQUAL OPPORTUNITY EMPLOYER (EEO):

    Aptive is an equal opportunity employer. We will consider all qualified applicants for employment without regard to race, color, religion, sex, national origin, disability, protected veteran or any other characteristic protected by law.

    Veterans and members of the Reserve and National Guard are highly encouraged to apply.