Information Security Analyst (Junior) (TS/SCI)

Raven Technologies - Chantilly, VA

posted 9 days ago

Full-time
Chantilly, VA

About the position

This position offers an exciting opportunity to join a small but growing team of dedicated technical experts focused on enhancing our nation's security. The role requires a strong foundation in Risk Management Framework (RMF) principles, which include risk assessment, risk mitigation, and risk monitoring. Candidates will be expected to support Assessment and Authorization (A&A) processes, which involve conducting security control assessments, risk assessments, and obtaining authorization to operate. In addition to A&A support, the position emphasizes the importance of monitoring and compliance. Applicants should possess a solid understanding of continuous monitoring principles, including security control monitoring, vulnerability management, and compliance reporting. The role also involves knowledge of Continuous Risk Evaluation (CRE) engine integration, which encompasses risk scoring, threat analysis, and vulnerability management. Candidates will also be expected to demonstrate familiarity with Continuous Diagnostics and Mitigation (CDM) principles, which include continuous monitoring, diagnostics, and the mitigation of security threats. A background in automated cloud security management tools is essential, as is a solid understanding of cloud security principles, including cloud security architecture, controls, and compliance. Furthermore, experience with cybersecurity frameworks, particularly the NIST 800-53 Cybersecurity Framework, is highly desirable. Proficiency in Security Information and Event Management (SIEM) systems, including log collection, analysis, and incident response, is also required. Finally, candidates should have a grasp of vulnerability management principles, including vulnerability scanning, penetration testing, and remediation.

Responsibilities

  • Support Assessment and Authorization (A&A) processes including security control assessments and risk assessments.
  • Conduct risk assessments and obtain authorization to operate.
  • Implement continuous monitoring principles including security control monitoring and compliance reporting.
  • Integrate Continuous Risk Evaluation (CRE) engines for risk scoring and threat analysis.
  • Apply Continuous Diagnostics and Mitigation (CDM) principles to monitor and mitigate security threats.
  • Utilize automated cloud security management tools for compliance and governance.
  • Ensure adherence to cloud security principles and architecture.
  • Engage with cybersecurity frameworks, particularly NIST 800-53.
  • Manage Security Information and Event Management (SIEM) systems for log collection and incident response.
  • Oversee vulnerability management processes including scanning and remediation.

Requirements

  • 1-3 years of experience in risk management and cybersecurity.
  • In-depth knowledge of Risk Management Framework (RMF) principles.
  • Experience with Assessment and Authorization (A&A) processes.
  • Understanding of continuous monitoring principles.
  • Knowledge of Continuous Risk Evaluation (CRE) engine integration.
  • Familiarity with Continuous Diagnostics and Mitigation (CDM) principles.
  • Experience with automated cloud security management tools.
  • Knowledge of cloud security principles and architecture.
  • Understanding of cybersecurity frameworks, especially NIST 800-53.
  • Experience with Security Information and Event Management (SIEM) systems.
  • Knowledge of vulnerability management principles.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service