Computer Security Analyst

Information Technology | Washington, District of Columbia | Job ID: 2018-1016


Description

Location:  Washington, DC

Clearance: Public Trust (Customer specific)

 

Job Description:

This position is located in Washington, DC. You must be a US citizen in order to obtain the security clearance. The ideal candidate will assist with IT security configuration baselines, approved asset management, security operations, and potential risk management. This position will help with   in a dynamic role requiring leadership and coordination with multiple IT teams. This environment supports over 1,100 users and over 7,000 assets located in multiple locations in the Washington, DC area, as well as offices in New York, NY; Chicago, IL; and Kansas City, MO.

Key responsibilities:

  • Coordinate, plan, schedule, and execute initiatives for the complete support and management of the IT security posture for the Federal client
  • Establish and maintain a CFTC Configuration Management program following the Security Configuration Management (SecCM) lifecycle: Plan, Identify and Implement, Control Configuration Changes, and Monitor for compliance
  • Monitor security threats to baseline configurations (workstations, laptops, servers, network appliances, mobile devices, etc.)
  • Support the development of tailored security configuration baselines.
  • Work with the Security team to gain acceptance and approval of all security controls
  • Work with the Operations team to recommend vendor best practices for Active Directory (AD), Organizational Units (OUs) and Group Policy Objects (GPOs) to optimize compliance monitoring and reporting.
  • Work with the Operations team to load, set up collections, and run scans for standard compliance reports for all approved baselines.
  • Analyze changes to AD OUs/GPOs and privileged access activities, and support the data loss prevention (DLP) project
  • Work with Security Operations supporting threats, weaknesses, and vulnerability management and remediation.
  • Work as a member of the incident response identification, declaration, and remediation support team through interaction with SIEM tools and processes.
  • Work with the Network Team on compliance monitoring against vendor-recommended baselines for network appliances using SolarWinds.
  • Participate (as needed) in the Configuration/Change Control Board (CCB) for review and recommendations for Configuration baseline vulnerability identification and remediation before and after implemented changes
  • Support activities for the NIST Risk Management Framework (RMF) and Continuous Diagnostics and Mitigation
  • Conduct continuous independent research on configuration compliance standards and industry best practices through white papers and presentations to management
  • Develop and document configuration baselines and monitor compliance; and assist in deployment of new or updated configuration baselines from the test environment to UAT or Production.
  • Assist in researching, evaluating, and developing relevant Information security policies and guidance.
  • Act as the lead security adviser/approver for the change control board.

Minimum Qualifications:

  • Minimum of 5 years of technical experience (Computer system design, integration, application development, and computer security)
  • Bachelor of Science degree (or equivalent experience)
  • Must be a US Citizen
  • Technical experience with Active Directory Objects and Policies (OU/GPO).
  • Technical experience with Microsoft Windows 7/8/10 and Server 2012R2 and above for all server types and roles
  • Technical experience with Security Operations Tools (such as Symantec (SEP/DLP), SolarWinds, ForeScout, AccelOps, FortiSIEM, Cisco Sourcefire, Stealthwatch, IronPort, MIMEsweeper, Proofpoint, Trend Micro, Enterprise Email Gateway, etc.)

 

Certification Requirements:

  • N/A


Clearance:

  • Customer specific Public Trust with ability to obtain a higher clearance level if required.

Preferred Qualifications:

  • Possess broad working knowledge of Incident Response activities.
  • Possess broad working knowledge of Configuration Management, Configuration Items, Configuration Baselines, CMDB management.
  • Possess knowledge of Risk Management Framework (RMF) for continuous monitoring
  • Possess broad knowledge of network architecture, asset and configuration management tools, baseline images and compliance folders.
  • Possess strong technical skills and analytic abilities, as well as experience performing network security analysis and risk management as it relates to the configuration.
  • Possess ability to perform complex technical tasks in pursuit of overall goals with minimal direction, limited access to systems, and resource restrictions.
  • Possess excellent written and professional oral communications skills to develop and present compliance reporting and security recommendations.
  • Possess the ability to translate an understanding of systems and applications into security baseline scan plans and perform hands-on security scanning.
  • Demonstrated ability to analyze scan results and suggest mitigations for security problems.
  • Possess a broad knowledge of Information Security policies and guidance, as well as the ability to assist in researching and evaluating additional enhancements.

The employment policy of STG, Inc. is to provide equal employment opportunity for all qualified employees and applicants without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status and to ensure affirmative action is taken in fulfillment of this policy.