Info Security Analyst, Advanced

About The Position

Requirements

• Bachelor's degree in computer science, information security, or a related field.
• Nine years of broad technical experience within IT or cybersecurity for Advanced level.
• Six years of broad technical experience within IT or cybersecurity for Senior level.
• Progressive experience with NIST Cybersecurity Framework and risk management practices.
• Experience in designing, implementing, or auditing security controls.
• Experience in quantifying threats, vulnerabilities, and response techniques.
• Experience in reviewing and recommending security policies and procedures.
• Experience in communicating security concepts to diverse audiences.
• Experience in an Enterprise Agile and DevSecOps environment is preferred.

Nice To Haves

• Professional cybersecurity certifications such as CISSP, CRISC, or CISA are desirable.
• Highly effective prioritization and organization skills.
• Commitment to delivering a great customer experience.

Responsibilities

• Ensure applicable IT security policies are implemented for assigned information systems.
• Provide guidance to categorize information and systems for security objectives.
• Support development and implementation of System Security Plans (SSPs).
• Perform assessments to validate security controls are implemented correctly.
• Complete annual Security Assessments and Authorizations.
• Maintain operational continuous monitoring plans as part of the SSP.
• Execute risk assessments prior to system changes.
• Create and manage Risk Acceptances and Plan of Action and Milestones (POA&Ms).
• Coordinate with System Owners to update SSP and manage system changes.
• Maintain and update security documentation to comply with program requirements.
• Support refinement of the Information Security team backlog.
• Gather and analyze input from stakeholders for project initiatives.
• Collaborate with teams to ensure security requirements are addressed in projects.
• Educate staff on applicable security policies and procedures.
• Mentor junior team members on risk assessment processes.
• Identify, assess, track, and report on IT/Security risks across the enterprise.
• Conduct research and prepare reports on security topics.

Benefits

• Comprehensive healthcare options (Medical, Dental, and Vision)
• 401(k) match and a fully funded pension plan
• Paid time off and holidays
• Free public transportation passes
• Annual educational assistance
• On-site fitness facility
• Professional development programs, training, and conferences