SkyePoint Decisions, Inc.

Returning Candidate?

Senior Cyber Security Analyst

Senior Cyber Security Analyst

ID 
2017-1515
Job Location 
US-DC
Job Type 
Immediate Hire
Category 
Information Technology

More information about this job

Overview

SkyePoint Decisions is looking for a Senior Cyber Security Analyst to support our federal client located in Washington, DC.  The Senior Cyber Security Analyst Provides leadership to a cyber-security program, implementing a Risk Management framework approach to managing agency risks.  Matures the agency's cyber program to a Continuous Monitoring program approach.    Develops accreditation packages, documents risk and recommendations, developed security memorandums.  Reviews tests results and provides independent Q&A and validation of results.   Manages risks by providing formal and information risk assessments and facilitates POA&M management. 

 

Develops cyber security programs, processes, policies, and procedures. Fosters cyber security awareness. Conducts cyber incident and event analysis and investigation. Assesses network vulnerabilities. Ensures necessary data protection and security controls. 

Responsibilities

The Senior Cyber Security Analyst will actively participate in conducting security assessments of systems to identify vulnerabilities, providing recommendations for their remediation, and assisting system owners in implementing effective safeguards. Validating that controls are risk rated and risk statements are clearly stated and capture the specific business impact to the judiciary in the event that a deficiency is exploited.  Additional responsibilities may include but are not limited to:

  • Developing security assessment plans for systems, including the objectives, scope, schedule, required documentation, possible risks, and other logistical items for security assessments
  • Develops cloud service provider testing approach
  • Provides validation of security control tests for cloud service provides
  • Coordinating access to systems and approvals for scanning activities
  • Conducting ad hoc testing on an as-needed basis to assist with development activities or vulnerability remediation
  • Reviewing/testing system security controls (managerial, operational, and technical) to determine adequacy against federal requirements (e.g., NIST SP 800-53) and mission context.
  • Documenting plans of action and milestones for corrective action following assessment activities and in response to identified vulnerabilities
  • Draft security policies and procedures including the system security plan, and agency specific policies in accordance with NIST requirements
  • Routinely conduct risk assessments to quantify impacts of vulnerabilities or decisions to the federal government.

Qualifications

6-9+ Years; Bachelors, Desired Education: Masters.

 

Required Experience:

  • BS in Engineering, Computer Science or related Science degree
  • Experience with Risk Management Frameworks
  • Minimum of 3 years’ experience related to NIST 800-53a Rev 4 control testing/validation
  • Minimum of 6 years’ managing and conducting A&A engagements
  • Minimum of 5 years’ experience in information security fundamental/principles

Desired Experience:

  • Certified Information Systems Security Professional (CISSP)
  • Security+
  • Certified Information Security Manager (CISM)
  • Certified Ethical Hacker (CEH)

 

SkyePoint Decisions is an established ISO 9000:2008 certified small business headquartered in Dulles, Virginia, with local offices across the Washington, DC, metropolitan area. SkyePoint Decisions has grown into a successful federal contractor by combining industry best practices with innovative solutions that consistently meet or exceed customer requirements. We understand and integrate our customer’s technology and mission requirements to successfully deliver high quality, cost effective services on time and on budget.

 

SkyePoint Decisions empowers a secure dynamic workforce to complete any mission -- anytime, anywhere. It’s what we call Agency Anywhere®. SkyePoint Decisions delivers Agency Anywhere® by tightly integrating our technical competencies (cybersecurity, cloud services, remote access, collaboration, system & network optimization, device management and more) to provide our customer’s operating environments with the security, flexibility, availability, and operational continuity required to enable today’s on-the-go federal workforce to successfully and securely complete any mission – anytime, anywhere.

 

SkyePoint Decisions is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity Employer, making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship is required for most positions.