Navy Information Systems Security Analyst Secret Clearance Required

Dahlgren, VA - USA

Monthly Salary: Not Disclosed

Posted on: 30+ days ago

Vacancies: 1 Vacancy

Job Summary

cFocus Software seeks an Information Systems Security Analyst to join our program supporting the Department of Defense (DoD). This position is remote. This position requires the ability to obtain a Secret clearance.
Qualifications:

B.S. Computer Science Information Technology or a related field
4 years of Cybersecurity experience
Cybersecurity Expertise to include:
- Cybersecurity principles threats vulnerabilities and risk management processes
- Encryption algorithms (e.g. Internet Protocol Security (IPSEC) Advanced Encryption Standard (AES) General Routing Encapsulation (GRE) Internet Key Exchange (IKE) Message Digest 5 (MD5) Secure Hash Algorithm (SHA) Triple Data Encryption Algorithm (3DES))
- Data backup and recovery concepts and tools
- Disaster recovery and continuity of operations planning
- Host/network access control mechanisms (e.g. Access Control Lists (ACLs))
- Incident response and handling methodologies
- Intrusion detection methodologies and techniques
- Network trafic analysis methods
- Network protocols (Transmission Control Protocol /Internet Protocol (TCP/IP) and Open System Interconnection (OSI) model
- System and application security threats and vulnerabilities (e.g. bufer overﬂow cross-site scripting SQL injection)
- Security architecture concepts and enterprise architecture reference models
- National and international cybersecurity laws regulations policies and ethics
- Current and emerging threats and threat vectors
- Enterprise incident response program roles and responsibilities
Penetration testing principles tools and techniques
- Computer networking concepts protocols and security methodologies
- System performance and availability monitoring
- System software and organizational design standards (e.g. International Organization of Standardization (ISO) guidelines)
- System life cycle management principles including software security and usability
- System/server administration and systems engineering concepts and methods
- Server and client operating systems
- Network security architecture concepts (topology protocols defense-in-depth)
- Network systems management principles and tools
- Basic system administration network and operating system hardening techniques
- Cloud computing service and deployment models (SaaS IaaS PaaS)
- Cloud security strategy and architecture
- Data security standards Personally Identiﬁable Information (PII) Payment Card Information (PCI) Protected Health Information (PHI))
- Information security program management and project management principles
- Resource management principles and techniques
- Risk management processes (assessment and mitigation)
- Secure acquisitions (e.g. Contracting duties secure procurement supply chain risk management)
- Information technology (IT) supply chain security and risk management
- Applicable laws statutes Presidential Directives and guidelines related to cybersecurity and privacy
- Organizational risk tolerance and risk management approach
- Critical IT procurement requirements

Required Experience:

Senior IC

B.S. Computer Science Information Technology or a related field
4 years of Cybersecurity experience
Cybersecurity Expertise to include:
- Cybersecurity principles threats vulnerabilities and risk management processes
- Encryption algorithms (e.g. Internet Protocol Security (IPSEC) Advanced Encryption Standard (AES) General Routing Encapsulation (GRE) Internet Key Exchange (IKE) Message Digest 5 (MD5) Secure Hash Algorithm (SHA) Triple Data Encryption Algorithm (3DES))
- Data backup and recovery concepts and tools
- Disaster recovery and continuity of operations planning
- Host/network access control mechanisms (e.g. Access Control Lists (ACLs))
- Incident response and handling methodologies
- Intrusion detection methodologies and techniques
- Network trafic analysis methods
- Network protocols (Transmission Control Protocol /Internet Protocol (TCP/IP) and Open System Interconnection (OSI) model
- System and application security threats and vulnerabilities (e.g. bufer overﬂow cross-site scripting SQL injection)
- Security architecture concepts and enterprise architecture reference models
- National and international cybersecurity laws regulations policies and ethics
- Current and emerging threats and threat vectors
- Enterprise incident response program roles and responsibilities
Penetration testing principles tools and techniques
- Computer networking concepts protocols and security methodologies
- System performance and availability monitoring
- System software and organizational design standards (e.g. International Organization of Standardization (ISO) guidelines)
- System life cycle management principles including software security and usability
- System/server administration and systems engineering concepts and methods
- Server and client operating systems
- Network security architecture concepts (topology protocols defense-in-depth)
- Network systems management principles and tools
- Basic system administration network and operating system hardening techniques
- Cloud computing service and deployment models (SaaS IaaS PaaS)
- Cloud security strategy and architecture
- Data security standards Personally Identiﬁable Information (PII) Payment Card Information (PCI) Protected Health Information (PHI))
- Information security program management and project management principles
- Resource management principles and techniques
- Risk management processes (assessment and mitigation)
- Secure acquisitions (e.g. Contracting duties secure procurement supply chain risk management)
- Information technology (IT) supply chain security and risk management
- Applicable laws statutes Presidential Directives and guidelines related to cybersecurity and privacy
- Organizational risk tolerance and risk management approach
- Critical IT procurement requirements