Jobs · Information Technology · Virginia

Information Security Analyst Sr Adv/Information Systems Security Officer (TS/SCI with Poly Required)

GCI Incorporated · Virginia, United States · 4 mo ago
On-siteInformation TechnologyFull-time

Duties

  • Performs audit log analysis, report generation and brief findings to Senior Management.
  • In coordination with Senior Management, develops information system security policies, CONOPS, guides, etc.
  • Captures security investigations of all suspected computer security violations, incidents, and compromises in accordance with GCI’s incident response program.
  • Responsible for Information Assurance (IA) processes, procedures, and compliance for all assigned Information Systems (IS).
  • Conducts security audits and ensures that audit trails are reviewed and audit records archived in accordance with GCI and Customer security requirements.
  • Ensures IS are operated, used, maintained and disposed of appropriately in accordance with GCI and/or Customer security procedures, directives, guidelines, regulations, and policies.
  • Develops and maintains system security documentation such as Security Plans, Security Operating Procedures, CONOPS, required policies and documentation to support system compliance for assigned security frameworks (e.g. NIST RMF/CSF, NISPOM, ICD Publications, CUI, CMMS) in coordination with the IAM (Information Assurance Manager) and Information System Security Manager (ISSM).
  • Conducts periodic reviews, self-inspections, and/or assessments to ensure IS(s) meet Senior Management and customer security requirements as well as during A&A activities.
  • Conducts user training and awareness activities under the direction of the company IAM, ISSM, or Customer Security.
  • Participates in self-assessment of system safeguards and program elements and in assessment and authorization of the system.
  • Serves as member of the Configuration Management Board for system(s) for which they are responsible.
  • Captures approval from senior management and/or Customer Security representatives for the procurement of software, hardware, and firmware for use on assigned IS(s).

Qualifications

  • Possess a working knowledge of industry best practices for Information Assurance as well as applicable information security documents such as ICD 503, Risk Management Framework (RMF), NISPOM, and NIST.
  • Self-starter that is mission focused and able to work in a dynamic work environment with a diverse set of personalities.
  • Strong documentation, analysis, and oral/written communications skills.

Required

  • Security+ CE Certification
  • 5 or more years of experience across System Administration or Network Administration/Engineering with at least 3 years supporting IA/INFOSEC

Desired

  • CISSP Certification
  • Network+ Certification
  • IT Certifications from Microsoft, Linux, and/or Cisco
  • ISC2-SSP (System Security Certified Practitioner)
  • ISC2-CRGC (Governance, Risk and Compliance Certification)
  • ISC2-ISSMP (Information Systems Security Management Professional)

Education

  • Bachelor's or higher preferred.

Experience

  • 5 years: Experience across System Administration or Network Administration/Engineering with at least 3 years supporting IA/INFOSEC

Location

  • Reston, VA

Equal Opportunity Employer

  • Individuals with Disabilities / Protected Veterans

Similar jobs