Information Security Analyst
Linthicum, MD
Applications have closed
XOR Security is currently seeking a talented Information Assurance Analyst to support one of our premier clients within the Department of Defense for the Defense Cyber Crimes Center (DC3). The DC3 program provides comprehensive Forensic, Malware Analysis and Reverse Engineering support across the Defense enterprise by providing deep analysis of potential threat activity targeting the critical DOD assets. To support this vital mission, XOR staff is on the forefront of providing full spectrum Media Analysis, and Systems Engineering support to include the development of advanced tools and analysis techniques to protect critical DoD assets from hostile adversaries. The Information Assurance Manager will be responsible for preparing documentation such as Risk Assessment Reports (RARs) for the ISSM/CISO, System Security Plans (SSPs), Development of Plan of Action & Milestones (POA&Ms) to ensure compliance with Government and DC3 Cybersecurity policies and procedures. Will assist the ISSM/ISSO with the generation of cybersecurity documentation for system hardware and software assessments; assess the performance of IA Security controls for assess and authorize and assess only networks.
Top Secret clearance required. Must be eligible to obtain SCI
Strong written and verbal communications skills are a must.
Preferred Skills:
Required Qualifications:
- Experience reviewing SIEM, Splunk, ACAS, Tanium for setup and compliance
- Demonstrated Risk Management Framework (RMF) experience
- Experience with IA/Cybersecurity policy implementation
- Experience handling Federal C&A activities to include experience with eMASS (submission, validation and updates as needed)
- Experience performing computer systems security risk analysis and assessment.
- Experience implementing and validating Security Technical Implementation Guidance (STIG) and Security Requirements Guidance (SRG) for applications, familiarity with DOD network architecture and network engineering practices, hardening Windows/LINUX operating system
- DOD 8570/8140 Certification: (CISSP, CISM, GSLC, CASP, CAP)
- DoD SCCVI, HBSS, ACAS and CMRS experience
- TS Clearance with ability to obtain SCI
Desired Qualifications:
- Experience with Department of Defense Test & Evaluation (T&E) practices for Cybersecurity to include validation of Security Control Requirements, STIG/SRG/Customer Centric requirements and document findings in a formalized reporting format.
- Experience analyzing and defining security requirements.
- Strong analytical and organizational skills with excellent communication skills (written and verbal communications) and have the ability to work in a dynamic work environment.
- FISMA experience
- Exceptional communication, interpersonal, problem solving, analytical and organizational skills.
- Ability to work well both independently and as part of a team.
Closing Statement:
XOR Security offers a very competitive benefits package including health insurance coverage from first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.
XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.
Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - TOP SECRET CLEARANCE REQUIRED.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: C CASP+ CISM CISSP Clearance Clearance Required Compliance DoD DoDD 8140 DoDD 8570 FISMA GSLC Linux Malware Reverse engineering Risk analysis Risk assessment Risk Assessment Report Risk management SIEM Splunk System Security Plan Top Secret Top Secret Clearance Windows
Perks/benefits: 401(k) matching Health care
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open CI/CD-related jobs