Cyber Security Analyst - CG-RSI
Arlington, Virginia, United States
First Information Technology Services
Designing Information Security Solutions with You in Mind.First Information Technology Services (FITS) has been providing Information Security, Cloud Computing Security, and IT consulting services since 2000. FITS consultants perform comprehensive assessments from beginning to end to produce meaningful, actionable reports that fit within an organization's comprehensive risk strategy.
Program Overview:
First Information Technology Services, Inc. provides cyber security support services to the Telecommunications Information Systems Command (TISCOM), located in Alexandria, VA. Our cyber security team members are expected to perform analysis and applications security support tasks including systems security analysis, evaluations, assessments, and vulnerability management activities across multiple Coast Guard owned and managed systems. In this capacity, they will work with internal and external cyber security stakeholders at CGCYBERCOM, USCG HQ and DHS in maintaining continued system security compliance and operations posture and sustained Authorization to Operate (ATO).
Employees assigned to this task will be considered members of the Coast Guard Readiness and Security Inspections (CG-RSI) Branch to support the USCG Command Cyber Readiness Inspections (CCRI) program.
Job Description
- Perform security assessments/Blue Team assessments for all systems, including hardware, software, and other IT technologies as requested.
- Evaluate systems using DoD IA security controls, based on DoD IA 8500.01/2, NIST SP 800-53 Rev 4, and CNSSI 1253, and other DoD security control categorization and control processes.
- Review routine and ad hoc system vulnerability and STIG compliance scans and identify weaknesses. Conduct root-cause analysis and remediation activities as needed.
- Support the review and approval of Firewall & Domain Naming Standards (DNS) requests. Support includes but is not limited to performing a security analysis/assessment of requested changes and providing a brief statement identifying security issues or potential risks imposed by implementing the change on the enterprise network and approving/disapproving requests based off risk assessment and DISA/DoD policy.
- Monitor risk-related information by using existing USCG Information Security tools/utilities, analytical methodologies, and security best practices.
Required Qualifications
- Active Top Secret clearance/SCI eligibility
- Certifications: Minimum DoD 8570 IAT Level II Certification, including Security+ CE, CEH, GSEC, SSCP, or CCNA-Security
- Experience with Command Cyber Operations Readiness Inspections (CCRIs) and/or other technical cyber compliance inspections.
- Technical understanding and use of Security Technical Implementation Guides (STIGs).
- Experience with Defense Information Systems Agency (DISA) STIG Toolset & SCAP.
- Working experience of the DoD Information Assurance Vulnerability Management (IAVM) and DHS Information System Vulnerability Management (ISVM) Programs.
Additional Qualifications
- 3-5 Years ISSE, System Administration, or Network Administration experience is considered a plus.
- Strong verbal and written communication skills.
- Ability to solve complex problems utilizing creative thinking skills.
- Ability to critically analyze and understand systems and communicate system requirements to the customer and senior leadership.
- DoD 8570 IAT Level III certification, including CISSP or CASP+, is considered a plus.
Location: 80% Onsite at TISCOM, Alexandria (4 days onsite, 1 day remote)
This is not a fully remote opportunity.
First Information Technology Services, Inc. believes that a well-rounded compensation package helps teams members thrive in their work and home life. FITS proudly invests in benefits for its employees, covering 100% of health, dental, and vision coverage for employees and their dependents (including domestic partners), paid time off, holidays, matching 401(K), short/long term disability, and parental leave. FITS also provides up to $5,000 annually for professional development, including reimbursement of job-related training classes, seminars, tuition, and certification expenses.
FITS is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind. FITS is committed to the principle of equal employment opportunity for all employees and to provide employees with a work environment free of discrimination and harassment. All employment decisions at FITS are based on business needs, job requirements, and individual qualifications, regardless of race, color, ethnicity, age, religion or belief, sex, sexual orientation, gender identity and/or expression, national origin, family or parental status, disability, military or veteran status, or any other status protected by the laws or regulations in the locations where we operate.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Blue team CASP+ CEH CISSP Clearance Cloud Compliance DISA DNS DoD DoDD 8570 Firewalls GSEC ISSE NIST NIST 800-53 Risk assessment SCAP Security analysis Security assessment SSCP STIGs Strategy Top Secret Top Secret Clearance Vulnerability management
Perks/benefits: Career development Gear Health care Parental leave
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Manager Pentest H/F jobs
- Open Chief Information Security Officer jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open IT Security Engineer jobs
- Open Security Researcher jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open Security assessment-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open IPS-related jobs