Information Assurance Analyst, Senior

Description:

TLinked LLC is seeking an Information Assurance Analyst, Senior, to join our team of qualified and diverse individuals. The qualified applicant will become part of Department of State (DOS) Consular Affairs Enterprise Infrastructure Operations (CAEIO) Program, for the Bureau of Consular Affairs (CA). This initiative is intended to provide IT Operations and Maintenance to modernize the legacy networks, applications, and databases supporting CA services globally.

The Information Assurance Analyst is responsible for coordinating with the Infrastructure, engineering and application teams to improve cyber hygiene and security across various applications. Ensures cybersecurity principles and best practices are applied program-wide to maintain the integrity and availability of CA systems. Able to perform direct and advisory roles in oversight planning and implementation of projects and initiatives. Interface as needed at multiple levels of management, providing information and thought leadership in technical areas. Capable of providing recommendations regarding system upgrades, patch deployment guidance and overall compliance of systems. Ability to develop RMF accreditation packages to help systems achieve and maintain their Authorization to Operate (ATO) certification. Review existing governance, risk, and cybersecurity documentation for compliance with the Risk Management Framework (NIST SP 800-37) and Security and Privacy Controls. Write and understand security control implementation statements for incoming systems, including cloud based.

Responsibilities: (but not limited to)

1. Experience with coordinating with security engineers, IT operations team members and customers to develop and maintain the Plan of Actions and Milestones (POA&M) Acceptance of Risk (AOR) and other required security documentation processes and procedures.
2. Experience with cooperating with multiple operations teams to ensure appropriate response to security findings.
3. Knowledge and experience with Common Vulnerabilities and Exposures (CVE) to provide process and remediation recommendations.
4. The proven ability to influence and communicate effectively: excellent written and verbal communications skills, including an ability to communicate very technical findings to both technical and non-technical audiences, including project managers, systems engineers, developers, enterprise architects and senior management.
5. Experience reviewing, researching and providing guidance to engineers and respective OS admins to properly respond to vulnerabilities.
6. Provide guidance regarding vulnerability and risk analysis within the cybersecurity industry, including current and emerging technologies, methodologies (including cloud security models).
7. Have good working knowledge of OEL & RHEL systems.
8. Must be both a self-starter and team player with the ability to work independently with limited supervision.
9. Must be extremely flexible and able to manage multiple tasks and priorities on very tight deadlines.
10. Experience with implementation and writing technical security controls in cloud environments.

• Developing documentation on new or existing systems.
• Providing system/equipment/specialized training and technical guidance.
• Serving as liaison with clients, participating in meetings to ensure client needs are met.
• Ability to independently research and collaborate with teams to develop knowledge regarding the environment.
• Must be willing to take on lead roles within the team and effectively train team members based on inherent knowledge.
• Experience using tracking and reporting tools such as Confluence, ServiceNow, and SharePoint.

Qualifications:

1. Requires US Citizenship and an active SECRET Government Security Clearance with the ability to obtain TOP SECRET if needed.
2. 8+ years of related Information Assurance Analyst experience – primarily in a government environment, dealing with business critical, high availability systems.
3. 1+ years Red Hat Linux & Oracle Linux experience in an enterprise environment.
4. 1+ years of Cloud Environment experience.
5. Strength in multitasking and prioritization in order to meet periodically changing deadlines.
6. Self-starting and able to drive projects to completion in a fast moving environment.
7. Solid communications skills, both written and verbal. Able to create, discuss and explain technical documentation.
8. Ensure data integrity by evaluating, proposing, facilitating and providing guidance on software and hardware solutions.
9. Recommend and provide guidance on system enhancements that improved the performance, security, and reliability of the system.

Desired Skills:

1. Linux, CISSP or other relevant certifications to the position.
2. Experience with DevSecOps concepts, tools and automation skills.
3. Familiarity with industry standard host based security systems (HBSS) and Assured Compliance Assessment Solutions (ACAS).
4. Knowledge of various network vulnerability scanning platforms (Nessus, etc…).
5. Knowledge of A&A processes and authorization boundaries.
6. Knowledge of current IT security best practices.
7. Knowledge of system administration, networking, and operating system hardening techniques.
8. Mixed operating systems experience: (Linux, Windows).
9. Security+ CE or other 8570 IAT level II certification.

Location: Arlington, Virginia 22209