Sr. Security Analyst/Technical Project Lead)
Veris Group - Vienna, VA

This job posting is no longer available on Veris Group. Find similar jobs: Veris Group jobs

Veris Group, LLC is a management and technology services firm and accredited FedRAMP 3PAO with a core focus on providing information assurance and cybersecurity consulting services to government and commercial organizations. We currently have an opening for an experienced Security Analyst/Project Team Lead in Vienna, VA. A PUBLIC TRUST SECURITY CLEARANCE IS REQUIRED TO APPLY.

Education/Certification Requirements:
  • Undergraduate Degree in a technical field
  • CISSP
  • CCSK, CAP, Network+, Security+, and CISM certifications are preferred

Summary of Duties:

The individual will be responsible for independently leading assessment teams, security assessments, Security Test and Evaluation (ST&E), contingency plan testing, and other advanced-level testing activities in accordance with FedRAMP, NIST Special Publications 800-30, 800-37, 800-60, 800-53A, 800-53 Rev- 3, FIPS 199 and related OMB and NIST guidance.

This position requires a strong working knowledge of multiplatform technologies such as:
  • Windows, Unix, Network, Database security
  • Active Directory
  • Service oriented architectures
  • Server virtualization, vulnerability testing
  • Networking protocols and topologies
  • Security architectures
  • Incident management.
Required Skills
  • Ability to lead independent SCA/ST&E/IV&V efforts with limited project oversight.
  • Must have delivered compliance projects independently and have lead teams when more complex assessments were required
  • Intimate knowledge of NIST publications such as; 800-37 Rev. 1,800-53 Rev. 3, 800-53A Rev. 1, 800-60, FIPS 199, 800-60, FIPS 199, etc.
  • Solid knowledge of information security principles and practices.
  • Ability to conduct external and internal vulnerability assessments of multiplatform environments using tools such as, but not limited to; Nmap, MVM, Nessus, AppDetective, AppScan and WebInspect.
  • Has the ability to work through highly complex testing engagements and develop proactive solutions, preemptive solu
  • Proactively assesses potential items of risk and opportunities of vulnerability in the network
  • Proficient Technical Writing Skills
  • Strong communication skills, both written and oral
  • Organized, responsive and self-motivated problem solver.
  • Basic knowledge of networking components (i.e. firewalls, switches, servers, routers, IDS, etc.)
  • Familiarity with UNIX, Microsoft, ESX, Xen Operating Systems
Required Experience
  • Five (5) to eight (8) years compliance experience (FISMA/DIACAP/FedRAMP)
  • Knowledge of and experience implementing Risk Management Framework
  • Extensive testing experience with FISMA and DIACAP compliance regulations
  • Experience in conducting ST&E/SCA testing of Management/Operational/Technical security controls in accordance with NIST SP 800-53, rev 3 and NIST SP 800-53a Rev. 1 guidance.
  • Strong multiplatform hands-on experience testing Unix, Windows and Network (firewalls/routers/switches/IPS,IDPS) related technologies.
  • Experience with Nessus, IBM Rationale Suite (Appscan); DBProtect, Webinspect, and SquirreL

Veris Group - 15 months ago - save job - block