Information Security, Privacy Analyst
Jorge - Crystal City, VA

This job posting is no longer available on Jorge. Find similar jobs:Information Security jobs - Jorge jobs

Description/Job Summary Provides technical and programmatic Information Assurance Services to internal and external customers in support of network and information security systems. Designs, develops and implements security requirements within an organization’s business processes. Prepares documentation from information obtained from customer using accepted guidelines such as DITSCAP (DoD Information Technology Security Certification and Accreditation Process). Prepares Security Test and Evaluation plans. Provides certification and accreditation support in the development of security and contingency plans and conducts complex risk and vulnerability assessments. Analyzes policies and procedures against Federal laws and regulations and provides recommendations for closing gaps. Develops and completes system security plans and contingency plans. Recommends system enhancements to improve security deficiencies. Develops, tests and integrates computer and network security tools. Secures system configurations and installs security tools, scans systems in order to determine compliancy and report results and evaluates products and various aspects of system administration. Conducts security program audits and develops solutions to lessen identified risks. Develops strategies to comply with privacy, risk management, and e-authentication requirements. Provides information assurance support for the development and implementation of security architectures to meet new and evolving security requirements. Evaluates, develops and enhances security requirements, policy and tools. Provides assistance in computer incident investigations. Performs vulnerability assessments including development of risk mitigation strategies. Requires a Bachelors degree and eight to ten years of related experience performing a wide variety of information assurance and information systems security engineering duties, to include the certification and accreditation of information systems using DIACAP (formerly DITSCAP), NIACAP, NIST SP 800-37, and/or DCID 6/3 frameworks.

  • BS/BA degree in Computer Science, Engineering or related Technical Discipline
  • Minimum of three (3) years experience in special access program security required;
  • At least five (5) years of management experience
  • Possess two (2) years experience in Vulnerability Assessment and/or Risk Analysis;
  • Demonstrated experience to develop solutions to problems relating to improvement of information assurance effectiveness, organizational structures, work methods and procedure efficiency, and resources requirements, utilization or control
  • Demonstrated experience in developing and drafting program or project milestones, progress monitoring, financial, acquisition, quality control, maintenance, or training documentation related to information assurance activities
  • Demonstrated experience in the use of automated management information systems in performing fact finding, analytical, and advisory functions related to information assurance activities
  • Demonstrated experience in the implementation of DIACAP policies and procedures
  • Demonstrated experience in FISMA compliance reporting
  • Demonstrated experience in the implementation of DISA Security Technical Implementation
  • Guides, Gold Disk scans and or REM/Retina scans
  • Possess Level III certification in Information Assurance (IA) in accordance with DoD 8570.01M “Information Assurance Workforce Improvement Program”
  • JAFAN 6/3 Training

About this company
JSC has been providing application support to our clients since our inception. From enterprise and desktop software applications and version...