Senior Cyber Security Business Analyst (Remote)

$92,986 - $158,076/Yr

ICF International - Reston, VA

posted 7 days ago

Full-time - Mid Level
Remote - Reston, VA
Administrative and Support Services

About the position

The Senior Cyber Security Business Analyst at ICF will play a crucial role in supporting federal customers by overseeing low-code system security, providing policy guidance, conducting audits, and facilitating integration and development activities related to ServiceNow and Salesforce platforms. This position requires a strong understanding of business needs and effective communication between technical teams and security stakeholders, ensuring compliance with security policies and procedures.

Responsibilities

  • Ensure the system is operated, used, maintained, and disposed of in accordance with documented security policies and procedures.
  • Advise System Owner of any security risks and obtain assistance from the ISSM, if necessary, in assessing the risk.
  • Assist system owners in completing and maintaining all System A&A documentation.
  • Ensure System users have the required background investigations, authorization, and familiarity with internal security practices before access is granted.
  • Promote information security awareness, including privacy awareness.
  • Identify, report, and respond to information security incidents.
  • Review system role assignments to validate compliance with principles of least privilege.
  • Review audit/log reports for potential security issues.
  • Evaluate Security Advisory Alerts (SAA) and known vulnerabilities to ascertain if additional safeguards are needed; ensure systems are patched and securely configured, as appropriate.
  • Support the security measures and goals established by the Agency CISO.
  • Comply with the Agency security awareness training requirements for individuals with significant security responsibilities.
  • Assist in the identification, implementation, and assessment of a system's security controls, including common controls.
  • Coordinate and maintain an accurate inventory of the information system.
  • Work with the system owner and ISSM to develop, implement, and manage System Plan of Action and Milestones (POA&Ms).
  • Coordinate the scheduling, demonstration, and submission of supporting artifacts in relation to financial audits.

Requirements

  • Bachelor's Degree
  • 5+ years of recent experience working in an IT organization as a security analyst
  • 2+ years of experience with low-code platforms such as ServiceNow and Salesforce
  • Security + certification
  • 5+ years of experience managing an organization's security risk
  • US Citizenship required due to federal contract requirements
  • Must be able to obtain Public Trust clearance
  • Must be familiar with NIST standards and FEDRAMP process.

Nice-to-haves

  • CISSP certified
  • A+ certified
  • Solid understanding of various Security Concepts (e.g., A&A packages, SAA, POA&Ms, etc.); knowledge of security data calls.
  • Skilled at analyzing existing system documentation to summarize existing system functionality as it relates to the project at hand.
  • Good understanding of basic system technologies as they relate to the project deliverables.
  • Ability to maintain System POA&Ms and drive activity.
  • Experience with regular security audits of logs and user access privileges.
  • Ability to provide security assistance/guidance and troubleshooting by effectively responding to inquiries.
  • Experience thriving in ambiguous software development environments.
  • Ability to work well under constantly changing deadlines and priorities.
  • Experience with Appian, or similar BPM software.
  • Excellent oral and written communication skills.

Benefits

  • Remote work flexibility
  • Diversity and inclusion initiatives
  • Professional development opportunities
  • Health insurance
  • Paid time off
  • Retirement savings plan

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service