Veris Group, LLC is a management and technology services firm and accredited FedRAMP 3PAO with a core focus on providing information assurance and cybersecurity consulting services to government and commercial organizations. We currently have an opening for an experienced Sr. Security Analyst in Vienna, VA. A PUBLIC TRUST SECURITY CLEARANCE IS REQUIRED TO APPLY.
- Undergraduate Degree in a technical field
- CCSK, CAP, Network+, Security+, and CISM certifications are preferred
Summary of Duties:
The individual will be responsible for independently leading assessment teams, security assessments, Security Test and Evaluation (ST&E), contingency plan testing, and other advanced-level testing activities in accordance with FedRAMP, NIST Special Publications 800-30, 800-37, 800-60, 800-53A, 800-53 Rev. 3, FIPS 199 and related OMB and NIST guidance.
This position requires a strong working knowledge of multiplatform technologies such as:
- Windows, Unix, Network, Database security
- Active Directory
- Service oriented architectures
- Server virtualization, vulnerability testing
- Networking protocols and topologies
- Security architectures
- Incident management.
- Ability to lead independent SCA/ST&E/IV&V efforts with limited project oversight.
- Must have delivered compliance projects independently and have led teams when more complex assessments were required
- Intimate knowledge of NIST publications such as 800-37 Rev. 1, 800-53 Rev. 3, 800-53A Rev. 1, 800-60, FIPS 199, etc.
- Solid knowledge of information security principles and practices.
- Ability to conduct external and internal vulnerability assessments of multiplatform environments using tools such as, but not limited to, Nmap, MVM, Nessus, AppDetective, AppScan and WebInspect.
- Has the ability to work through highly complex testing engagements and develop proactive solutions, preemptive solu
- Proactively assesses potential items of risk and opportunities of vulnerability in the network
- Proficient Technical Writing Skills
- Strong communication skills, both written and oral
- Organized, responsive and self-motivated problem solver.
- Basic knowledge of networking components (e.g., firewalls, switches, servers, routers, IDS)
- Familiarity with UNIX, Microsoft, ESX, Xen Operating Systems
- Six (6) to eight (8) years compliance experience (FISMA/DIACAP/FedRAMP)
- Knowledge of and experience implementing Risk Management Framework
- Extensive testing experience with FISMA and DIACAP compliance regulations
- Experience in conducting ST&E/SCA testing of Management/Operational/Technical security controls in accordance with NIST SP 800-53 Rev. 3 and NIST SP 800-53A Rev. 1 guidance.
- Strong multiplatform hands-on experience testing Unix, Windows and Network (firewalls/routers/switches/IPS, IDPS) related technologies.
- Experience with Nessus, IBM Rational Suite (AppScan), DBProtect, WebInspect, and SQuirreL