Sr. Information Security Analyst

About the position

Parsons is seeking an exceptionally talented Information Security Analyst to join our dynamic team. This role is pivotal in ensuring the security and integrity of our information systems and networks. The Information Security Analyst will focus on information security, information assurance, and compliance design, integration, implementation, modification, and coordination of the installation, testing, operation, and disposition of hardware and software systems. The responsibilities will include conducting thorough analyses, developing functional and technical requirements and specifications, and maintaining comprehensive documentation. The analyst will monitor the availability, serviceability, and recoverability of installed technology security systems, implement information security procedures and tools, and manage the installation and integration of system patches, updates, and enhancements. A critical aspect of this role is ensuring the rigorous application of information security and information assurance policies, principles, and practices. In this position, the Information Security Analyst will proactively evaluate, plan, implement, upgrade, or monitor security measures for the protection of computer networks and information. The analyst will ensure that appropriate security controls are in place to safeguard digital files and vital electronic infrastructure, responding effectively to computer security breaches and viruses. Utilizing technical knowledge and analytical skills, the analyst will determine the optimal mix of technology, policy, procedures, and education to implement effective information security programs and strategies. The role also involves determining security controls, configurations, procedures, and policies based on industry standards, best practices, federal and state regulations, and contractual requirements. The Information Security Analyst will establish and manage program control processes and compliance assessments to identify deviations from acceptable configurations, policies, or standards. They will provide expertise in compliance requirements for internal and external reviews and assist in identifying and mitigating risks to the confidentiality, integrity, and availability of information systems. The analyst will master and explain the information security requirements for legal and regulatory compliance, generating Plans of Action & Milestones (POA&M) to track the mitigation of vulnerabilities and compliance issues. Additionally, the analyst will act as an Information System Security Officer (ISSO) resource for government computer systems, managing the creation and maintenance of System Security Plans (SSPs).