Information Security Analyst
$74,000 - $146,000/Yr
Sanmina - Huntsville, AL
posted about 2 months ago
Full-time - Mid Level
Onsite - Huntsville, AL
Computer and Electronic Product Manufacturing
About the position
The Information System Security Officer (ISSO) position at Sanmina Corporation involves supporting classified Information Systems (IS) and ensuring compliance with the National Industrial Security Program (NISP). The ISSO will work closely with the Information System Security Manager (ISSM) and various engineering and program development teams to implement security requirements, document processes, and mentor junior team members. This role is critical in maintaining compliance with DOD, NIST, NISPOM, and DCSA regulations while contributing to the overall security posture of the organization.
Responsibilities
- Support the Information System Security Manager (ISSM) in maintaining compliance with the National Industrial Security Program (NISP).
- Work with engineering and program development teams to provide security requirements for new applications and systems.
- Contribute to the design, documentation, and deployment of security technologies.
- Assist in the development of System Security Plans (SSPs) and Plans of Action and Milestones (POA&Ms).
- Document processes and procedures related to Cyber Security technologies.
- Maintain the Cyber Security Roadmap in collaboration with the ISSM.
- Perform architectural reviews and submissions to support program objectives.
- Mentor junior team members on security technologies and standards.
- Manage and track security project tasks, including security controls development and implementation.
- Conduct security assessments and risk analysis, including log auditing and vulnerability scanning.
Requirements
- Bachelor's degree in Information Systems, Computer Science, or a Cyber-related discipline.
- Minimum of 5 years of IT-related work experience in an ISSO position.
- DoD approved baseline IAM Level II related certifications (CAP, CASP+ CE, CISM, CISSP or Associate, GSLC, CCISO, or HCCISP).
- Familiarity with various host, network, and cloud-based security technologies.
- Experience with NIST SP 800 standards including 30, 53, 82, and 171.
- Experience with CNSSI 1253 and 1253F.
- Experience with DISA STIGs and SCAP compliance checker.
- Experience with DCSA certification authority's RMF accreditation process and the DCSA DAAPM.
- Excellent troubleshooting skills and administration of security configurations across multiple operating systems (Windows, Linux/Unix).
- Ability to work with all levels of an organization and maintain positive relationships.
Nice-to-haves
- Experience in a DOD Information Security contractor security environment.
- Familiarity with eMASS tools and maintaining POA&Ms, artifacts, and SSPs.
- Experience with SIEM toolsets such as SolarWinds, Splunk, QRadar.
Benefits
- Equal Opportunity Employer - M/F/Veteran/Disability/Sexual Orientation/Gender Identity.
