Security Analyst

About the Company:

Primary Responsibilities:

• Manages as well as maintains up-to-date POA&M to identify and list security weaknesses within the system, record proposed solutions, and deploy measures for mitigation.
• Updates security documents, including system descriptions, interconnections, and control implementation statements.
• Defines, plans, implements, maintains, and upgrades security measures, policies, and controls
• Conducts scheduled and on-demand vulnerability scans to identify shortcomings and plan measures to protect against breaches and exposure of sensitive data.
• Completes access request review, approvals and maintenance activities for the TechOps GSS and subsystem
• Supports TechOps GSS and/or PB-ITS application audit and potential finding remediation.
• Provide ATO Support
• Provides full support of identification, tracking, coordination and remediation for any Binding Operational Directives (BOD), Emergency Directives (ED), Known Exploitable Vulnerabilities (KEV) or Zero-day vulnerabilities per GSA IT security policy or guidance. BODs and EDs are compulsory and Federal agencies are required to comply.
• Performs regular reviews, updates and submissions on required security deliverables in accordance with the GSA IT ISSO checklist and guides. Tasks include but are not limited to review of vulnerability scan reports, asset inventory management, Plan of Action and Milestones (POA&Ms), Contingency (CP) training and testing, annual FISMA self-assessment, and configuration setting and hardening verification.
• Research, documents, and track all security incidents (internal/external), utilizing incident tracking software. Makes recommendations for appropriate action(s) for remediation and develop additional controls as deemed necessary.
• Executes and supporting information security activities that are identified as mandatory, on a required basis or based on specific conditions or triggers.
• Develops and performs periodic security assessments of various systems, infrastructure, and connectivity; provide reports to be used for decision-making by IT management.

Certifications (Required):

• CompTIA Security+

Required Skills & Qualifications

• Minimum 2-4 years of relevant work experience.
• Minimum 2-4 Years experience utilizing Jira and understanding of Sprint Planning
• Must have 2-4 Years of Security Analyst Experience
• Must have 2-4 Years experience utilizing BigFix for Patching Management and Inventory Management
• Must have 2-4 Years experience using Invicti scanning tool
• Good anticipation, analytical, and problem-solving skills
• The ability to remain current on the latest technology and best practices in information security
• Support vulnerability management on a concurrent basis for multiple applications under timeline.
• Facilitate with securing NIST documents and acquiring accurate information as well as updated controls.
• Basic System Administrator experience in Windows and Linux.

Desired Skills & Qualifications

• Experience in supporting network/system monitoring tools.
• Experience working with appropriate complex systems administration, database administration, and “LAN Administration or “Network Maintenance”
• Must be able to multi-task and manage amongst projects.
• Takes initiative and doesn’t need constant instruction.
• Excellent follow-through.
• Strong analytical and problem-solving skills to troubleshoot system problems
• Good personal computer and business solutions software skills
• Ability to work independently and as part of a team.
• Good communication and customer service skills.

Additional Information:

• In order to meet the clearance requirements for this opportunity, candidates must be  Authorized to work in the U.S
• All candidates will be subject to a complete background check to include, but not limited to Criminal History, Education Verification, Professional Certification Verification, Verification of Previous Employment and Credit History.
• Public Trust background investigations can take approximately four to eight weeks and requires fingerprinting.

Other Information:

• The salary for this position is $60,000 - $90,000 annually
• For information on SFI's benefits please visit http://www.spatialfront.com/pages/career.html
• This is a full-time W2 position. 
• Please no agencies, third parties, or corp-to-corp.
• Spatial Front Inc. is an Equal-opportunity Employer, all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
• Spatial Front Inc. participates in E-Verify.