Job ID: VA-620435 (96590116)
Security Analyst with Vulnerability scanning, penetration testing, Windows/Linux and cloud computing experience
Location: Richmond VA (ABC)
Duration: 4 months
Interview: In-person only (local Richmond candidates strongly preferred)
Skills Required:
Experience as an Information Security AnalystRequired5Years
Industry Related Security CertificationsHighly desired
Atleast Four year DegreeHighly desired
Experience with Vulnerability scanningRequired3Years
Experience with Penetration TestingHighly desired3Years
Experience with Windows, Linux and Cloud computingRequired3Years
Description:
Senior Information Security Analyst to ensure that a consistent, dependable, and high level of technical security is maintained and the authority’s data and information systems are adequately protected. This position protects authority systems by monitoring for incidents and misuse, designing and documenting controls to protect those systems, and implementing controls or directing their implementation.
Monitoring functions include regular review of web proxy logs, intrusion detection systems, web application firewalls, vulnerability scan results, building badge access, system access logs, and other sources of security intelligence. Control implementation will require technical knowledge as well as project management techniques to ensure vendors implement properly. This includes firewall rule development, patching, system hardening, developing log correlation searches, writing IDS rules, or developing other processes to protect agency systems and data.
Primary job functions include monitoring sources of security intelligence for actionable information, developing controls for improvement, and documenting for later implementation. For example, review vulnerability scan results, prioritize patch methodology for ideal remediation, and document instructions for operations to implement.
Secondary functions include assisting the Information Security Officer (ISO) in identifying security goals, objectives, enforcing agency security policies and standards. Provide technical guidance regarding information security matters, security assessments, analysis, security laws, policies, rules, and regulations. Position also serves as backup point of contact for ABC Security Incident reporting and works with Internal Audit to assist with information security assessments, and maintain constituent relationships required in order to ensure sound IT Security.
Selected candidate must have subject matter expertise in the areas of Linux, Windows, and Active Directory security configuration and design, standards-based authorization mechanisms, monitoring/alerting, intrusion detection, disaster recovery, and broad experience of information technology including networking protocols, encryption, firewalls, vulnerability management, incident response, wireless network security, and telecommunication services.
Experience with security operations, threat analysis, monitoring systems, configuring SIEM, or IDS, NIST 800-53, COV SEC-501, and a four year degree in information systems or a related field are preferred.
Incident response, penetration testing, or forensics training or experience, and industry security certifications is a plus.