Information Systems Security Analyst

Job Type

Full-time

Description

Primary Location: Dahlgren, VA

Clearance: Active Secret

Ability to work remotely: No

Job Summary

Obsidian Solutions Group is seeking a highly skilled Information Systems Security Analyst to provide comprehensive cybersecurity support for critical government systems and networks. The Information Systems Security Analyst will be responsible for implementing and maintaining security controls, conducting risk assessments, monitoring for security incidents, and ensuring compliance with federal cybersecurity standards and regulations. This role requires deep technical expertise in cybersecurity principles, threat analysis, network security architecture, and incident response, combined with strong knowledge of DoD and federal security policies.

Specific Responsibilities

• Apply cybersecurity principles, threat analysis, vulnerability assessment, and risk management processes to protect government information systems
• Implement and manage encryption algorithms including IPSEC, AES, GRE, IKE, MD5, SHA, and 3DES
• Develop and maintain data backup and recovery procedures and disaster recovery/continuity of operations plans
• Configure and manage host/network access control mechanisms including Access Control Lists (ACLs)
• Conduct incident response and handling activities following established methodologies
• Perform intrusion detection, network traffic analysis, and security monitoring
• Analyze system and application security threats and vulnerabilities including buffer overflow, cross-site scripting, and SQL injection attacks
• Design and implement security architecture using enterprise architecture reference models
• Ensure compliance with national and international cybersecurity laws, regulations, policies, and ethics standards
• Monitor current and emerging threats and threat vectors to proactively defend against attacks
• Conduct penetration testing using industry-standard principles, tools, and techniques
• Perform system administration, network hardening, and operating system security configuration
• Implement and manage cloud security controls for SaaS, IaaS, and PaaS environments
• Protect sensitive data including PII, PCI, and PHI in accordance with data security standards
• Support information security program management and risk management processes
• Participate in secure acquisitions and IT supply chain security activities

Requirements

Required Qualifications

• Four (4) years of experience in Cybersecurity
• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field required
• DOD 8570 IAT II certifications required (Security+ or equivalent)
• Active Secret, Top Secret, or TS/SCI clearance required
• Expert knowledge of cybersecurity principles, threats, vulnerabilities, and risk management processes
• Proficiency with encryption algorithms (IPSEC, AES, GRE, IKE, MD5, SHA, 3DES)
• Experience with data backup and recovery concepts, tools, and disaster recovery planning
• Strong knowledge of host/network access control mechanisms (ACLs)
• Experience with incident response and handling methodologies
• Proficiency in intrusion detection methodologies and network traffic analysis methods
• Expert knowledge of network protocols (TCP/IP, OSI model)
• Experience identifying and mitigating system and application security threats (buffer overflow, cross-site scripting, SQL injection)
• Knowledge of security architecture concepts and enterprise architecture reference models
• Understanding of national and international cybersecurity laws, regulations, policies, and ethics
• Knowledge of current and emerging threats, threat vectors, and enterprise incident response programs
• Experience with penetration testing principles, tools, and techniques
• Strong computer networking knowledge including protocols and security methodologies
• Experience with system performance and availability monitoring
• Knowledge of system software and organizational design standards (ISO guidelines)
• Understanding of system life cycle management principles including software security and usability
• Experience with system/server administration and systems engineering concepts
• Proficiency with server and client operating systems
• Knowledge of network security architecture concepts (topology, protocols, defense-in-depth)
• Experience with network systems management principles and tools
• Proficiency in system administration, network, and operating system hardening techniques
• Knowledge of cloud computing service and deployment models (SaaS, IaaS, PaaS)
• Experience with cloud security strategy and architecture
• Understanding of data security standards (PII, PCI, PHI)
• Knowledge of information security program management and project management principles
• Understanding of resource management principles and risk management processes
• Experience with secure acquisitions, procurement, and supply chain risk management
• Knowledge of IT supply chain security and risk management
• Understanding of applicable laws, statutes, Presidential Directives, and guidelines related to cybersecurity and privacy
• Knowledge of organizational risk tolerance and risk management approaches
• Understanding of critical IT procurement requirements

Physical Requirements and Work Environment

• Typical office environment with standard computer workstation setup
• May require extended periods of sitting and computer use
• Ability to work in secure facilities and handle classified information
• May require work in data center environments periodically

Travel

• Travel may be required up to 10% depending on contract requirements and customer location

Company Description

Obsidian Solutions Group LLC (OSG) is a fast-growing professional services firm based in Fredericksburg, VA. We create value for our customers by delivering technology-enabled & mission-oriented technical solutions that solve complex problems, protecting people, information, and assets. Our core capabilities are in providing Enterprise IT, Intelligence Analysis, Production & Development and Knowledge-Based Professional Services Solutions that enable the customer's mission. Obsidian Solutions Group LLC is a certified 8(a), service-disabled, veteran-owned small business.

A career at Obsidian Solutions Group means you are able to put your expertise, credentials, and talents to great use working with customers in the DOD and Intelligence Community, while enjoying the excitement of working in a fast-growing organization committed to making a difference for our customers and in our community. Contribute independently and collaboratively alongside our amazing team of doers and thinkers. Obsidian Solutions Group is small enough to offer a family atmosphere yet large enough to deliver a highly competitive compensation package. We hire and retain the best in the industry, offering exceptional benefits that protect the well-being of our employees, their spouses and domestic partners, and their families.

Our corporate philosophy is centered on hiring and retaining employees with the requisite skills, professional experience, personal commitment, and ethical standards necessary to foster a culture of operational excellence necessary to surpass our customer's expectations.

Disclaimer

The above information on this description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.

Obsidian Solutions Group is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, parental status, protected veteran status, and any other non-merit factor, or any other characteristic protected by law.