Sr Information Security Analyst - DIRECT LABOR
TS/SCI Clearance Required
Information Assurance Analyst Job Responsibilities:
Perform all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction. Provide technical focus on network support for switches, routers, along with network sensors such as firewalls and intrusion detection systems (IDS) and intrusion prevention systems (IPS). Conduct operating system, application, and database vulnerability assessments (to include system configuration checks) on various Information Systems.
Responsibilities:
- Performs Computer Security Incident Response activities for a large organization, coordinates with other government agencies to record and report incidents.
- Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.
- Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
- Evaluate firewall change requests and assess organizational risk.
- Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.
- Assists with implementation of counter-measures or mitigating controls.
- Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
- Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.
- Prepares incident reports of analysis methodology and results.
- Maintains current knowledge of relevant technology as assigned.
- Apply established security policies and procedures
- Review vulnerability assessments and conduct gap analysis of assigned networks and systems
- Develop Plan of Action and Milestones (POA&M) to address deficiencies
- Perform required network patching, including vendor updates and Government directed patches, validation scanning as directed by applicable policy and guidance
- Analyze audit security incident logs for individual or multiple network devices for sensitive information, unauthorized processes and unauthorized network connections
- Perform network security analysis and risk management for designated unclassified and classified networks
- Provide guidance and work leadership to less-experienced technical staff members
- Maintains current knowledge of relevant technology as assigned
- Participates in special projects as required
Education
- DoD 8570.1 Level 2 technical or management certification
- Direct Experience will be considered in lieu of advanced degree on a case-by-case basis.
- BS/BA with 5-8 years of experience required.
- ITIL v3 Foundations
- CISSP certification
Experience
Required:
- Minimum 4 years direct experience implementing or managing IT systems and networking technologies
- 2 years direct experience evaluating IA controls and preparing C&A documentation; experience using automated vulnerability assessment tools
Knowledge:
- In-depth knowledge of DoD and US Government security regulations and methodologies
- Strong understanding of IT security and the security features contained in today's mainstream IT technologies, to include Firewall, IDS/IPS, VPN, Router, Switch, and with knowledge of server technologies such as such as Windows 2003/2008, Unix, Linux, etc.
- Broad knowledge of network architectures and network management tools
- Demonstrated ability to perform complex technical tasks in pursuit of overall goals with minimal direction
- Experience performing network security analysis and risk management
Skills:
- Strong technical skills and analytic abilities
- Strong communication skills (written & oral)
- Ability to deal with customers at all levels in stressful situations
- Ability to prioritize and dynamically re-task response and recovery actions as situations change
- Ability to provide accurate and concise documentation
Unique/Additional Requirements
This position is contingent on Contract Award
- This position may require shift work and weekend work
- This position may require deployments to CONUS and OCONUS locations worldwide, and may include hazardous duty areas
- Deployments can be of a duration of up to 180 days; this position typically deploys on an as-required basis
The largest communications company in the United States. And the world. We are the industry leaders in providing wireless service, high speed internet access, local and long distance voice, and directory publishing and advertising services across the US. We are also developing our business to include next-generation television services with our new AT&T U-VerseSM TV.
Join our incredibly diverse company of more than 250,000 people and help drive the innovation that keeps AT&T at the leading edge of technology and service. Expect big things from the company that created the communications industry.
