Information Security \u0026 Systems Analyst (TS/SCI with Poly Re

This is a dual-hatted position, responsible for information security and systems analyst support. This individual will ensure security integration through purposeful security design and configuration, and will research alternatives to solve problems. The individual will work closely with other project managers and various software engineering, infrastructure, and technical operations teams to assess requirements, coordinate systems resources, and deliver information security updates for the customer. The ideal candidate will have experience performing industry-standard ISSE tasks, as well as experience in systems analysis to tailor standard process and systems lifecycles to function effectively in a small, fast-paced environment. This individual is a self-starter and independently identifies gaps and proposes solutions. S/he must have strong written and verbal communication skills and the ability to articulate technical project requirements to individuals, customers and internal teams.

GCI embodies excellence, integrity and professionalism. The employees supporting our customers deliver unique, high-value mission solutions while effectively leverage the technological expertise of our valued workforce to meet critical mission requirements in the areas of Data Analytics and Software Development, Engineering, Targeting and Analysis, Operations, Training, and Cyber Operations. We maximize opportunities for success by building and maintaining trusted and reliable partnerships with our customers and industry.

At GCI, we solve the hard problems. As an Information Security & Systems Analyst, a typical day will include the following duties:

KEY RESPONSIBILITIES

ISSE Support

• Develop and implement security designs for new or existing network system(s)
• Support the development, review, and maintenance of security documentation including System Security Plans (SSPs), POA&Ms, and Continuous Monitoring artifacts.
• Ensure system security controls are implemented, tested, and maintained in accordance with relevant customer directives.
• Attends customer meetings and serves as primary liaison to the customer ISSM
• Ensures system compliance with customer Assessment and Authorization (A&A) process
• Ensures system compliance with customer Certification and Accreditation policies
• Conducts system vulnerability scans
• Provides support to system patches and updates
• Provides assessments of the security impact of network changes
• Provides support to the management and control of system changes
• Develops, coordinates and maintains System Security Plans (SSP) if needed
• Implement and enforce information systems security policies ensuring system security requirements are addressed during all phases of the acquisition and system lifecycle
• Supports the customer to resolve conflicting system security engineering requirements; makes recommendations as needed
• Develops and maintain processes and procedures to identify, track and mitigate customer system vulnerabilities

Systems Analyst Support

• Investigates and recommends solutions or methodology to support and provide innovation and efficiencies
• Supports existing workflows and identifies opportunities to improve; provides recommended solutions to gaps in workflows
• Provides manual and automated solutions for transforming data into useful information or for data visualization; for example, experience using PowerBi or Python scrips to transform data into useful information
• Creates, reviews, and/or provides input on business processes and SOPs
• Rebuilds workstations and sets up user accounts
• Provides data transfer services between systems
• Reviews data tracking and hosting procedures to ensure compliance
• Provides recommendations/solutions on tracking and analysis of data usage and data value
• Preforms capability analysis to understand dependencies and shortfalls of current technologies and capabilities

EDUCATION AND EXPERIENCE

Bachelor's degree in a related business or technical discipline (Systems Security Engineering, Software Engineering, or Computer Science, etc.), or the equivalent combination of education, technical training, or work/military experience

REQUIRED QUALIFICATIONS

• Expert technical knowledge in security engineering and IT systems engineering
• Experience with testing methods, automated tools, plans, and procedures for verification of compliance and vulnerability requirements
• Demonstrated on-the-job knowledge experience with reviewing security concepts of operations, systems security plans, security control assessments, contingency plans, configuration management plans, incident response plans, vulnerability scanning, and/or vulnerability management plans
• Experience with modern networks, desktops, operating systems, databases, and virtual computing
• Experience conducting information system security control assessments (SCAs) and applying standard auditing techniques during systems security control assessments, including the proper interpretation of the control requirements, determining if the artifacts provided are sufficient and recommending remedial action to Government customer to ensure compliance
• Experience with using scanning applications
• Demonstrated on-the-job experience with Jira Software for planning and tracking projects
• Demonstrated on the job experience building PowerBI dashboards
• Demonstrated on the job experience in systems analysis and providing current technology recommendations for solutions
• Demonstrated on-the-job experience effectively communicating across programs and with customers, stakeholders, and other contractors
• Demonstrated on-the-job experience managing priorities across multiple projects (time management)
• Demonstrated ability to work independently and drive results with a small team

DESIRED QUALIFICATIONS

• Hold at least one of the following certifications: Certified Information Systems Security Professional (CISSP), CompTIA Advanced Security Practitioner (CASP) CE, Certified Secure Software Lifecycle Professional (CSSLP), CISSP- Information System Security Engineering Professional (ISSEP), or CISSP- Information System Security Architecture Professional (ISSAP)

*A candidate must be a US Citizen and requires an active/current TS/SCI with polygraph clearance.

Equal opportunity employer / Individuals with Disabilities / Protected Veterans