IT Security Analyst / Assessor
Washington, DC, United States
Applications have closed
Company Description
NXTKey Corporation has been delivering Information Technology, Information Management, Information Assurance (IA) and cybersecurity solutions to the US Federal Government since 2005.
NXTKey Corporation is an agile Small Business that places emphasis on teamwork and partnership with our clients to produce optimum contract performance. We have refined our solution from experience supporting highly complex Department of Justice (DOJ) environments such as the United States Marshals Service (USMS), Justice Management Division (JMD), Office of Justice Programs (OJP) and Federal Prison Industries (FPI).
Our depth of experience allows us to provide IT security support for a wide range of IT General Support Systems (GSS) and major applications (MAs) within the Federal Enterprise, following the guidance in the Federal Enterprise Architecture (FEA), and to provide information systems security support services in accordance with OMB Circular A-130, NIST guidelines and standards, and other federal policies and regulations.
Job Description
Information System Security Analyst duties include:
- Perform Certification & Accreditation (C&A) and System Assessment & Authorization (SA&A) as part of NIST SP 800-37 Risk Management Framework (RMF) system and application accreditation
- Prepare Vulnerability Scanning test plans, coordinate testing, and conduct scans using Nessus, Foundstone, WebInspect, Hailstorm and other scan applications
- Analyze vulnerability scan results for validation and root cause
- Provide technical support in the areas of vulnerability assessment, risk assessment, network security, product evaluation, and security implementation.
- Design and implement security solutions to protect the confidentiality, integrity, and availability of sensitive information.
- Provide technical evaluations of customer CM and CMI solutions and provide security recommendations.
- Participate in the design of information system business impact analysis, system categorization, contingency plans, privacy documents, and other system security documentation to maintain appropriate levels of protection and meet requirements for minimizing operational impact to the enterprise.
- Conduct testing and audit log reviews to evaluate the effectiveness of current security measures.
The IT Security Control Assessor needs to possess the following skills:
- 5+ years of experience conducting security control assessment of all NIST 800-53 controls
- Knowledge of NIST 800-53 security controls and required documentation.
- Experience conducting security control assessments based on a Risk Management Framework approach.
- Familiarity with the Cyber Security Assessment Methodology (CSAM) tool is a plus
Qualifications
- US Citizen
- Certification(s) in information technology (i.e., Security+)
- BS degree in a computer or system science discipline from an accredited college or university.
- Working experience in Federal Government Contracts is a must.
- Active Public Trust Clearance (adjudicated within past 5 years) is a must.
Additional Information
All your information will be kept confidential according to EEO guidelines.