IT Security Analyst

Hello There

My name is Himanshu Sharma and I serve as the Recruitment Lead at Kanak-IT INC. I am reaching out to share an excellent career opportunity for the role of IT Security Analyst with our esteemed client. If you are interested then please share your updated resume at .

Job Description

Role: IT Security Analyst

Location: Herndon VA VA/DC local; hybrid - a minimum of 3 days in office

MUST HAVES:

• Demonstrated knowledge and the ability to analyze systems for Cybersecurity compliance
• Ability to work in fast-paced team-oriented environment
• Knowledge of various security scanning tools (Such as NESSUS Splunk or Application scanning)
• Knowledge of Federal and DoD policies and risk assessment methodologies including FedRAMP
• Experience in writing or executing system security documentation authorization to operate packages POA&Ms and policies
• Experience in reviewing/editing/writing technical documents
• Presentation and public speaking skills required
• Knowledge of DISA STIGs and SRGs Committee for National Security Systems Instructions and NIST Risk Management Framework
• Knowledge and understanding of systems and networking technologies and concepts
• Ability to interpret and assess network diagrams and drawings using Visio
• Familiarity with Testing Development Staging and pre-production environment requiring cyber security support
• Knowledge of Privacy Act
• Bachelors degree in computer information systems or math/sciences

Job Requirements:

• Understand/document information system specifications and security controls including logical and physical diagrams connectivity communication and data flow diagrams both internal and external to the system
• Advise stakeholders on multiple courses of action in an environment with changing unconfirmed policy e.g. NIST RMF and DISA SRG
• Document multiple courses of action and identify risk mitigation recommendations in accordance with FedRAMP requirements SAP policy procedures and best practices with associated benefits/drawbacks to each
• Apply enterprise security frameworks and capabilities such as FISMA NIST SP 800 etc. towards existing initiatives such as cloud environments
• Develop/update policies and procedures to implement FedRAMP compliance as well as compliant with NIST 800-171 security requirements and other DFAR clauses
• Understand enterprise operating environments including security posture application environment and associated security controls
• Demonstrate familiarity with current FedRAMP DOD and NIST Security controls and technologies including vulnerability management capabilities
• Identify and assess Cloud System state including vulnerabilities RMF package status/accreditation model PPS compliance and patching/CSVA mechanisms