Information Security Analyst

3 weeks ago

Washington, United States Super Systems Inc Full time

This role is hybrid
- 2x a week onsite-3x a week REMOTE

The Senior Information Systems Security Analyst will support IT management with control assessment, development, and maintenance, and risk assessment and response development. Specifically, this job requires the following:

- Develop and maintain IT security controls per NIST SP 800-53 and Agency Security Policy standards.
- Consult with experts to ensure work instructions align with agency security standards.
- Conduct risk assessments for security issues and propose resolutions.
- Document and communicate control deficiencies for POA&M consideration.
- Support Continuous Security Monitoring for compliance with agency Security Policy
- Assist in developing security policies, ensuring compliance, and updating documentation.
- Review and assess POA&M outputs, recommending additional work or closure.
- Support IT Governance, Risk, and Compliance activities, including standards management.
- Provide information for status reports, briefings, schedules, and project plans in written and oral form.

**Qualifications**
- One or more current Security certifications (CISSP, CISM, Security+).
- Experience serving in an information system engineer/administrator role implementing security controls.

**REQUIRED SKILLS**:

- A solid understanding of IT security controls, tools, and concepts.
- Experience working in a technical environment with IT platforms such as Microsoft Office 365, Azure, Cisco, Oracle, etc.
- Understanding of OMB M-22-09 and EO 14028
- Experience with NIST Risk Management and Cybersecurity Framework, FISMA, NIST 800-53, and IT control processes.
- Experience implementing security measures within information systems engineering projects.
- Knowledge of cloud security principles and best practices, particularly for major cloud platforms like AWS, Azure, or Google Cloud.
- Familiarity with GRC frameworks/tools (Archer, eMASS, CSAM) and SA&A tools (Xacta).
- Knowledge of cyber-attack patterns, Tactics, Techniques, and Procedures.
- Ability to adapt security processes/tools to evolving landscapes and risk scenarios.
- Proficiency in network security principles, including firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and secure network architectures.
- Strong understanding of operating systems (e.g., Windows, Linux/Unix) and their security features and vulnerabilities.
- Knowledge of encryption protocols and techniques, such as SSL/TLS, AES, RSA, etc.
- Familiarity with security assessment tools and techniques, including vulnerability scanning, penetration testing, and ethical hacking.
- Experience with security information and event management (SIEM) systems for log analysis and threat detection.
- Fluency in spoken/written English for technical content, with strong communication skills.
- Experience producing high-quality deliverables with mínimal edits, quick review, and feedback on federal security doctrine.
- Ability to thrive in a fast-paced environment, outstanding customer service skills.
- Ability to document processes, explain complex policies in simple terms.
- Familiarity with latest IT trends, security standards, excellent analytical thinking, and problem-solving skills.

Pay: $115,000.00 - $130,000.00 per year

**Benefits**:

- 401(k)
- Dental insurance
- Health insurance
- Paid time off
- Vision insurance

Compensation package:

- Weekly pay
- Yearly pay

Experience level:

- 7 years

Schedule:

- Monday to Friday

**Education**:

- Bachelor's (required)

**Experience**:

- information system engineer/administrator: 7 years (required)
- implementing security controls: 5 years (preferred)
- Understanding of OMB M-22-09 and EO 14028: 3 years (required)
- NIST Risk Management and Cybersecurity Framework: 4 years (required)
- FISMA, NIST 800-53, and IT control processes: 4 years (required)
- Working in an Azure Environment: 3 years (required)
- GRC frameworks (eMASS, CSAM) and SA&A tools (Xacta): 1 year (required)
- Knowledge of cyber-attack patterns: 1 year (required)
- network security principles (firewalls, intrusion (IDS/IPS): 3 years (required)
- security information and event management (SIEM) systems: 3 years (required)

Security clearance:

- Confidential (preferred)

Ability to Commute:

- Washington, DC 20554 (required)

Work Location: Hybrid remote in Washington, DC 20554

  • Information Security Analyst

    1 week ago

    Washington, United States MUNICIPAL SECURITIES RULEMAKING BOARD Full time

    The Information Security Analyst is responsible for securing the MSRB by supporting existing controls and processes across multiple dimensions and domains, including MSRB Web Applications, Cloud environments, networks, SaaS platforms, and enterprise systems. The analyst will support operational security processes by triaging our security alerts, phishing...

  • Information Security Analyst

    4 weeks ago

    Washington, United States Municipal Securities Rulemaking Board Full time

    The Municipal Securities Rulemaking Board (MSRB) seeks an Information Security Analyst who will play a key role in safeguarding our organization by actively engaging in operational security procedures. The Information Security Analyst will manage day-to-day security tasks, which include managing alerts, investigating phishing incidents, resolving end user...

  • Information Security Analyst

    4 weeks ago

    Washington, United States Municipal Securities Rulemaking Board Full time

    The Municipal Securities Rulemaking Board (MSRB) seeks an Information Security Analyst who will play a key role in safeguarding our organization by actively engaging in operational security procedures. The Information Security Analyst will manage day-to-day security tasks, which include managing alerts, investigating phishing incidents, resolving end user...

  • Information Security Analyst

    4 weeks ago

    Washington, United States Municipal Securities Rulemaking Board Full time

    The Municipal Securities Rulemaking Board (MSRB) seeks an Information Security Analyst who will play a key role in safeguarding our organization by actively engaging in operational security procedures. The Information Security Analyst will manage day-to-day security tasks, which include managing alerts, investigating phishing incidents, resolving end user...

  • Information Security Analyst

    4 weeks ago

    Washington, United States Municipal Securities Rulemaking Board Full time

    The Municipal Securities Rulemaking Board (MSRB) seeks an Information Security Analyst who will play a key role in safeguarding our organization by actively engaging in operational security procedures. The Information Security Analyst will manage day-to-day security tasks, which include managing alerts, investigating phishing incidents, resolving end user...

  • Information Security Analyst

    3 weeks ago

    Washington, United States Municipal Securities Rulemaking Board Full time

    The Municipal Securities Rulemaking Board (MSRB) seeks an Information Security Analyst who will play a key role in safeguarding our organization by actively engaging in operational security procedures. The Information Security Analyst will manage day-to-day security tasks, which include managing alerts, investigating phishing incidents, resolving end user...

  • Information Security Analyst

    4 weeks ago

    Washington, United States Municipal Securities Rulemaking Board Full time

    The Municipal Securities Rulemaking Board (MSRB) seeks an Information Security Analyst who will play a key role in safeguarding our organization by actively engaging in operational security procedures. The Information Security Analyst will manage day-to-day security tasks, which include managing alerts, investigating phishing incidents, resolving end user...

  • Information Security Analyst

    2 weeks ago

    Washington, United States Municipal Securities Rulemaking Board Full time

    The Municipal Securities Rulemaking Board (MSRB) seeks an Information Security Analyst who will play a key role in safeguarding our organization by actively engaging in operational security procedures. The Information Security Analyst will manage day-to-day security tasks, which include managing alerts, investigating phishing incidents, resolving end user...

  • Information Security Analyst

    4 weeks ago

    Washington, United States Municipal Securities Rulemaking Board Full time

    The Municipal Securities Rulemaking Board (MSRB) seeks an Information Security Analyst who will play a key role in safeguarding our organization by actively engaging in operational security procedures. The Information Security Analyst will manage day-to-day security tasks, which include managing alerts, investigating phishing incidents, resolving end user...

  • Information Security Analyst

    4 weeks ago

    Washington, United States Municipal Securities Rulemaking Board Full time

    The Municipal Securities Rulemaking Board (MSRB) seeks an Information Security Analyst who will play a key role in safeguarding our organization by actively engaging in operational security procedures. The Information Security Analyst will manage day-to-day security tasks, which include managing alerts, investigating phishing incidents, resolving end user...

  • Information Security Analyst

    3 weeks ago

    Washington, United States Municipal Securities Rulemaking Board Full time

    The Municipal Securities Rulemaking Board (MSRB) seeks an Information Security Analyst who will play a key role in safeguarding our organization by actively engaging in operational security procedures. The Information Security Analyst will manage day-to-day security tasks, which include managing alerts, investigating phishing incidents, resolving end user...

  • Information Security Analyst

    2 weeks ago

    Washington, United States Municipal Securities Rulemaking Board Full time

    The Municipal Securities Rulemaking Board (MSRB) seeks an Information Security Analyst who will play a key role in safeguarding our organization by actively engaging in operational security procedures. The Information Security Analyst will manage day-to-day security tasks, which include managing alerts, investigating phishing incidents, resolving end user...

  • Information Security Analyst

    4 weeks ago

    Washington, United States Municipal Securities Rulemaking Board Full time

    The Municipal Securities Rulemaking Board (MSRB) seeks an Information Security Analyst who will play a key role in safeguarding our organization by actively engaging in operational security procedures. The Information Security Analyst will manage day-to-day security tasks, which include managing alerts, investigating phishing incidents, resolving end user...

  • Information Security Analyst

    2 weeks ago

    Washington, United States Municipal Securities Rulemaking Board Full time

    The Municipal Securities Rulemaking Board (MSRB) seeks an Information Security Analyst who will play a key role in safeguarding our organization by actively engaging in operational security procedures. The Information Security Analyst will manage day-to-day security tasks, which include managing alerts, investigating phishing incidents, resolving end user...

  • Information Security Analyst

    1 week ago

    Washington, United States E-Logic, Inc. Full time

    The job position is for an experienced Information Security Analyst at the Department of Homeland Security (DHS), as a part of the agency's cybersecurity team. The Information Security Analyst will take the utmost explanation concerning DHS’ systems, networks, and data by way of security events and incidents monitoring, analyzing and...

  • Information/Operations Security Analyst

    1 week ago

    Washington, United States Dynamis Full time

    Job Description Job Description Dynamis is seeking a Information/Operations Security Analyst to support the National Nuclear Security Administration's (NNSA) operational and technical support services of the Office of Defense Nuclear Security (NA-70). This position will either support the Washington, DC or Germantown, MD onsite office. DOE Top Secret, DOE Q...

  • Information/Operations Security Analyst

    1 week ago

    Washington, United States Dynamis Full time

    Dynamis is seeking a Information/Operations Security Analyst to support the National Nuclear Security Administration's (NNSA) operational and technical support services of the Office of Defense Nuclear Security (NA-70). This position will either support the Washington, DC or Germantown, MD onsite office. DOE Top Secret, DOE Q or DoD Top Secret clearance is...

  • Information/Operations Security Analyst

    2 months ago

    Washington, United States Dynamis, Inc. Full time

    Job DescriptionJob DescriptionDynamis is seeking a Information/Operations Security Analyst to support the National Nuclear Security Administration's (NNSA) operational and technical support services of the Office of Defense Nuclear Security (NA-70). This position will either support the Washington, DC or Germantown, MD onsite office.DOE Top Secret, DOE Q...

  • Information/Operations Security Analyst

    2 weeks ago

    Washington, United States Dynamis, Inc. Full time

    Job DescriptionJob DescriptionDynamis is seeking a Information/Operations Security Analyst to support the National Nuclear Security Administration's (NNSA) operational and technical support services of the Office of Defense Nuclear Security (NA-70). This position will either support the Washington, DC or Germantown, MD onsite office.DOE Top Secret, DOE Q...

  • Information Security Analyst

    2 weeks ago

    Washington, Washington, D.C., United States RightDirection Technology Solutions Full time

    RightDirection Technology Solutions LLCDescription:An Information Security Analyst is needed to support the Dept of State customer base and will work as a member of the Global Talent Management (GTM Help Desk) in Washington, DC. This role is full-time, standard work week and hours, and hybrid (one week a month onsite).The User Security team will establish,...