Posted today
Secret
Senior Level Career (10+ yrs experience)
$110,000 - $130,000
No Traveling
IT - Security
Kearneysville, WV (Off-Site/Hybrid)
Senior Information Security Analyst (Security)
Responsibilities:
• Lead remediation of legacy STIG and vulnerability findings across all Areas of Responsibility (AOR).
• Review vulnerability data, prioritize remediation efforts based on risk, and coordinate with system administrators for focused resolution of backlog vulnerabilities.
• Validate all remediation activities to ensure compliance with applicable standards and security policies.
• Collaborate with ISSOs to resolve data inconsistencies and meet ATO deadlines for system boundaries.
• Document all remediation processes and outcomes to establish repeatable procedures and maintain compliance.
• Support continuous improvement of security posture through proactive identification and mitigation of vulnerabilities.
Qualifications:
• Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or related field with 8+ years (or commensurate expertise).
Required Skills and Experience:
• Clearance: Active Secret clearance.
• Certifications: DoD 8570 IAT Level II (e.g., Security+ CE, CySA+).
• STIG Expertise: Advanced hands-on experience with STIG configuration and remediation for Windows and Linux servers.
• Security Leadership: Proven ability to lead security initiatives and coordinate cross-functional teams.
• Risk Management: Strong understanding of vulnerability management, risk assessment, and prioritization strategies.
• Compliance: Deep knowledge of DoD RMF, NIST frameworks, and other security standards.
• Documentation: Ability to produce detailed, clear documentation for technical and executive audiences.
Preferred Skills and Experience
◦ Experience supporting DoD or U.S. Coast Guard environments.
◦ Scripting & Automation: Proficiency in PowerShell, Python, or similar scripting languages for automation of security tasks.
◦ Cloud Security: Experience with AWS, Azure, or other cloud platforms in secure environments.
◦ Database Security: Familiarity with Oracle or SQL Server hardening and vulnerability remediation.
◦ Certifications: CISSP or equivalent preferred.
◦ DevSecOps: Understanding of CI/CD pipelines and integration of security controls in DevOps environments.
Responsibilities:
• Lead remediation of legacy STIG and vulnerability findings across all Areas of Responsibility (AOR).
• Review vulnerability data, prioritize remediation efforts based on risk, and coordinate with system administrators for focused resolution of backlog vulnerabilities.
• Validate all remediation activities to ensure compliance with applicable standards and security policies.
• Collaborate with ISSOs to resolve data inconsistencies and meet ATO deadlines for system boundaries.
• Document all remediation processes and outcomes to establish repeatable procedures and maintain compliance.
• Support continuous improvement of security posture through proactive identification and mitigation of vulnerabilities.
Qualifications:
• Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or related field with 8+ years (or commensurate expertise).
Required Skills and Experience:
• Clearance: Active Secret clearance.
• Certifications: DoD 8570 IAT Level II (e.g., Security+ CE, CySA+).
• STIG Expertise: Advanced hands-on experience with STIG configuration and remediation for Windows and Linux servers.
• Security Leadership: Proven ability to lead security initiatives and coordinate cross-functional teams.
• Risk Management: Strong understanding of vulnerability management, risk assessment, and prioritization strategies.
• Compliance: Deep knowledge of DoD RMF, NIST frameworks, and other security standards.
• Documentation: Ability to produce detailed, clear documentation for technical and executive audiences.
Preferred Skills and Experience
◦ Experience supporting DoD or U.S. Coast Guard environments.
◦ Scripting & Automation: Proficiency in PowerShell, Python, or similar scripting languages for automation of security tasks.
◦ Cloud Security: Experience with AWS, Azure, or other cloud platforms in secure environments.
◦ Database Security: Familiarity with Oracle or SQL Server hardening and vulnerability remediation.
◦ Certifications: CISSP or equivalent preferred.
◦ DevSecOps: Understanding of CI/CD pipelines and integration of security controls in DevOps environments.
group id: 10112156
