Information Security Analyst
2 weeks ago
Position- Information Security Analyst – Remote
Location: Open to remote
Assignment Type: 6 months- possible CTH or extension
Work Authorization- GC and USC
Must Have: 3+ Threat models, Strong understanding of access controls and authentication mechanisms, PKI, and cryptography
Preferred: CCSP, OSCP
Position Overview:
Information Security Analyst will partner closely and collaboratively with Enterprise Architecture (EA), Developers, Platform Owners, and other areas of the firm to help ensure Freddie Mac provides secure services and solutions.
Duties and Responsibilities:
• Assess Security Risk from an Architectural Perspective and Apply a Risk-Based Approach to Security
• Generate application treat models in a quick paced environment
• Manage workloads using Kanban methodologies to estimate and track task deliveries
• Mentor, assist, and share your expertise with team members
• Attend regular standups and team meetings
• Identify and be able to explain security weaknesses to a variety of audiences to include but not limited to software development teams
• Hold brown bag sessions to educate developers on the value and benefit that they and the firm derive by identifying threats early
• Develop training material for how to engage the Threat Management service, make use of technologies, and interpret findings.
• Drive beneficial security change into the business through supporting Developers with creation of threat models for their applications and remediation of potential threats, balancing risk against business need.
• Support the Security Architecture team to develop and mature an Application Threat Modeling Program by defining processes, procedures, controls, KRI’s/KPI’s, etc., that identify threats early in the development process reducing risks prior to deployment.
• Work with the InfoSec functional teams in the development of the Information Security strategy and roadmap, including and with focus on Threat Modeling; liaison and consult with Enterprise Architecture, IT and the business for ongoing input and awareness
• Advise and Contribute to Strategy and Roadmaps
Qualifications:
• Strong understanding of access controls and authentication mechanisms, PKI, and cryptography
• Demonstrated experience developing technical threat models
• Demonstrated experience performing security code reviews and explaining results to project teams
• Previous or active experience with bug bounty programs
• Experience working in Sprint or Agile environments
• Strong understanding of protocols, networking, firewalls, caching, VIPs, proxies, web applications, and database systems
• Experience with AWS and Azure or working knowledge of GCP
• Knowledge of several of the following programming languages; Java, C#, Python, C++, Node.JS, JavaScript
• Knowledge in one or several of the following Frontend frameworks; React, Angular, Ember, Vue
• Minimum of 3 years’ experience working as an Information Security Threat Modeling subject matter expert at a senior level
• Minimum of 5 years’ experience working as an Information Security Professional, preferably within the architecture or engineering disciplines
• Passion for leading change and ability to bring others along
• (Desirable) Able to provide references to CVEs filled, Bug Bounty Username, or GitHub repositories
• (Desirable) One or more security-related certifications associated with AWS, GCP, or Azure
• (Desirable) CISSP (+ ISSAP), CCSP, CEH, OSCP, CSSLP
-
Information/Operations Security Analyst
3 weeks ago
Washington, United States Dynamis, Inc. Full timeJob DescriptionJob DescriptionDynamis is seeking a Information/Operations Security Analyst to support the National Nuclear Security Administration's (NNSA) operational and technical support services of the Office of Defense Nuclear Security (NA-70). This position will either support the Washington, DC or Germantown, MD onsite office.DOE Top Secret, DOE Q...
-
Information Systems Security Analyst
1 week ago
Washington, United States Gilder Search Group Full timeSummit Technologies Inc. is seeking an Information Systems Security Analyst t o support our government client. The Information Systems Security Analyst will support IT management with control assessment, development, and maintenance, and risk assessment and response development. This is a hybrid role based in Washington, DC. Candidates must be eligible for a...
-
Information Security Analyst
3 days ago
Washington, United States Brilliant Infotech Inc Full timeJob DescriptionJob DescriptionJob Title: Information Security Analyst Location: Washington, DC Duration: 12+ Months (Extendable) Assignment Type: OnsiteNeed Locals Only Due To Work RequirementsDescription Required skillset must include: 9+ years of experience in firewall and network administration (emphasis on firewall) Hands-on experience performing...
-
Information Systems Security Analyst
2 weeks ago
Washington, United States Summit Technologies, Inc. Full timeJob DescriptionJob DescriptionSummit Technologies Inc. is seeking an Information Systems Security Analyst to support our government client. The Information Systems Security Analyst will support IT management with control assessment, development, and maintenance, and risk assessment and response development.This is a hybrid role based in Washington, DC....
-
Information Systems Security Analyst
2 weeks ago
Washington, United States Summit Technologies, Inc. Full timeJob DescriptionJob DescriptionSummit Technologies Inc. is seeking an Information Systems Security Analyst to support our government client. The Information Systems Security Analyst will support IT management with control assessment, development, and maintenance, and risk assessment and response development.This is a hybrid role based in Washington, DC....
-
Information Systems Security Analyst
3 days ago
Washington, United States Summit Technologies, Inc. Full timeJob DescriptionJob DescriptionSummit Technologies Inc. is seeking an Information Systems Security Analyst to support our government client. The Information Systems Security Analyst will support IT management with control assessment, development, and maintenance, and risk assessment and response development.This is a hybrid role based in Washington, DC....
-
Senior Information Systems Security Officer
3 weeks ago
Washington, United States Information Protection Solutions Full timeJob DescriptionJob DescriptionInformation systems security officers (ISSO) research, develop, implement, test and review an organization's information security in order to protect information and prevent unauthorized access. Officers inform users about security measures, explain potential threats, install software, implement security measures and monitor...
-
Information System Security Engineer
7 days ago
Washington, United States Information Protection Solutions Full timeRESPONSIBILITY Analyze science, engineering, business, and other data processing problems to implement and improve computer systems. Analyze user requirements, procedures, and problems to automate or improve existing systems and review computer system capabilities, workflow, and scheduling limitations. May analyze or recommend commercially available...
-
Information System Security Engineer
1 week ago
Washington, United States Information Protection Solutions Full timeJob DescriptionJob DescriptionRESPONSIBILITYAnalyze science, engineering, business, and other data processing problems to implement and improve computer systems. Analyze user requirements, procedures, and problems to automate or improve existing systems and review computer system capabilities, workflow, and scheduling limitations. May analyze or recommend...
-
Senior Information Systems Security Analyst
Found in: beBee jobs US - 3 weeks ago
Washington, Washington, D.C., United States SAIC Career Site Full timeDescription SAIC is looking for a Senior Information Systems Security Analyst to join our team supporting an important US government agency in the National Capital Region. This is an exciting opportunity to work with a team responsible for IT Security Risk and Compliance support by providing direct support to the Information System Security and Privacy...
-
Senior Information Sysems Security Analyst
2 weeks ago
Washington, United States Summit Technologies Full timeSummit Technologies Inc. is seeking a Senior Information Systems Security Analyst to support our government client. The Senior Information Systems Security Analyst will support IT management with control assessment, development, and maintenance, and risk assessment and response development. This is a hybrid role based in Washington, DC. Candidates must be...
-
Senior Information Systems Security Analyst
7 days ago
Washington, United States SAIC Full timeDescription SAIC is looking for a Senior Information Systems Security Analyst to join our team supporting an important US government agency in the National Capital Region. This is an exciting opportunity to work with a team responsible for IT Security Risk and Compliance support by providing direct support to the Information System Security and Privacy...
-
Senior Information Sysems Security Analyst
5 days ago
Washington, United States Summit Technologies Full timeSummit Technologies Inc. is seeking a Senior Information Systems Security Analyst to support our government client. The Senior Information Systems Security Analyst will support IT management with control assessment, development, and maintenance, and risk assessment and response development. This is a hybrid role based in Washington, DC. Candidates must be...
-
Senior Information Sysems Security Analyst
3 weeks ago
Washington, United States Summit Technologies, Inc. Full timeJob DescriptionJob DescriptionSummit Technologies Inc. is seeking a Senior Information Systems Security Analyst to support our government client. The Senior Information Systems Security Analyst will support IT management with control assessment, development, and maintenance, and risk assessment and response development. This is a hybrid role based in...
-
Information Assurance Policy Analyst
1 week ago
Washington, United States Information Protection Solutions Full timeJob DescriptionJob DescriptionRESPONSIBILITYPlan, direct, or coordinate activities in such fields as electronic data processing, information systems, systems analysis, and computer programming. Research, recommend, develop, maintain, and update domestic and overseas cybersecurity policies, to include use of new and emerging technology (e.g. WiFi, cloud,...
-
Information Assurance Policy Analyst
3 days ago
Washington, United States Information Protection Solutions Full timeJob DescriptionJob DescriptionRESPONSIBILITYPlan, direct, or coordinate activities in such fields as electronic data processing, information systems, systems analysis, and computer programming. Research, recommend, develop, maintain, and update domestic and overseas cybersecurity policies, to include use of new and emerging technology (e.g. WiFi, cloud,...
-
Information Systems Security Manager/Officer
5 days ago
Washington, United States Watershed Security Full timeCOMPANY OVERVIEW Watershed Security is a Veteran Owned Small Business and a leader in providing quality Cyber Security Services to the Federal Government. Watershed is a great place to work, offering a challenging and respectful work environment. We are growing fast and strive to deliver our vision every day: “To inspire trust and respect with our...
-
Information Systems Security Manager/Officer
6 days ago
Washington, United States Watershed Security Full timeJob DescriptionJob DescriptionCOMPANY OVERVIEWWatershed Security is a Veteran Owned Small Business and a leader in providing quality Cyber Security Services to the Federal Government. Watershed is a great place to work, offering a challenging and respectful work environment. We are growing fast and strive to deliver our vision every day: “To inspire trust...
-
Information Assurance Analyst
1 week ago
Washington, United States Excentium Full timeInformation Assurance Analyst - Senior CITIZENSHIP: US Citizenship LOCATION: Remote CLEARANCE: N/A Excentium, Inc. is a Service-Disabled Veteran Owned Small Business (SDVOSB) passionate about reducing the vulnerabilities of our Nation's Cyberspace. Since 2006, we have attacked cyber security challenges on two fronts: by partnering with government to reduce...
-
Information Security Analyst
2 weeks ago
Washington, United States Optimized Technical Solutions Inc Full timeJob Description: Support personnel to staff the USDA NSSP Support Team. Personnel will serve as alternate Communications Security (COMSEC) Custodians and perform multiple COMSEC management tasks, support the operations and use of multiple classified communications conferencing devices, staff the classified computer network center daily M-F from 7:30am -...