Junior Information Security Analyst (15.38)

Junior Information Security Analyst

OCT Consulting is a business management and technology consulting firm that provides support to Federal Government clients. We provide consulting services in the areas of Strategy, Process Improvement, Change Management, Program and Project Management, Acquisition/Procurement, and Information Technology.

Responsibilities and Duties

OCT currently has an opening for a Junior Information Security Analyst to work with our federal client. On this project, you will work on a team that provides expertise to execute NIST, FISMA, Office of Management and Budget (OMB), FedRAMP, Treasury, and Internal Revenue Manual (IRM) technical Security Controls Assessments and Risk Analyses on information systems to identify risks and vulnerabilities.

This position is contingent upon contract award.

Day to day responsibilities include assisting your team to:

● Execute the hands-on manual technical NIST SP 800-53 security control assessments including any overlays (e.g. high value asset, artificial intelligence, critical software, FedRAMP, etc.)

● Assess the impacts of new laws, regulations, policies, and guidance on client Security Assessment requirement initiatives and advise on recommended process changes. Additionally review current client policies, guidance, manuals, and supporting tools to recommend updates and improvements, and assist with the implementation of any new guidelines

● Recommend process improvements and automated approaches to support testing methodologies, establishing streamlined/agile approaches for Security Controls Assessments

● Maintain key assessment package templates to ensure compliance with current/emerging federal guidance and lessons learned

● Execute security controls assessments and provide training to ensure Government staff understand and can perform security control assessments

● Provide subject matter expertise to incorporate threat modeling and hunting into the security control assessment process, improving the Government’s ability to proactively identify and mitigate risks

● Identify, develop, and implement automation solutions that enhance the efficiency, accuracy, and timeliness of program operations. Evaluate current business processes, workflows, and system interactions to determine opportunities where automation—such as robotic process automation (RPA), workflow orchestration, data transformation tools, or other intelligent automation technologies—can reduce manual workload, eliminate redundancies, and improve mission outcomes

Requirements

● Must be a U.S. Citizen

● Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related technical field

● An associate degree plus 2 additional years of hands-on experience may substitute for a bachelor’s degree

● 1 to 3 years of relevant professional experience in information security, cyber risk management, network defense, or IT system administration with a security focus. Experience may include internships, co-op positions, or hands-on cybersecurity training

programs that demonstrate applied understanding of security principles.

● CompTIA Security+ CE certification (or equivalent) required

● Network+, CEH, or CAP certifications preferred

● Excellent presentation and verbal communication skills

● Ability to create accurate written work products by following Job Aids and document templates

● Ability to work under pressure and tight timelines for multiple projects with positive attitude and flexibility

● Knowledge of FISMA, NIST Special Publications, OMB, Risk Management Framework (RMF), and ISCM Plan development.

● IT security knowledge with desired Professional Certifications from the International Information System Security Certification Consortium (ISC)2, the International Society for Automation (ISA), the Project Management Institute (PMI), CompTIA, or the SANS

Institute

● Knowledge and experience with technology risk assessments covering Webservices, network appliances and software

● Knowledge and experience of the IRS Enterprise Lifecycle and OneSDLC

● Knowledge of System Interconnections to include virtual private network (VPN) and other encryption technologies

● Knowledge and experience with cloud systems, CSPs, and FedRAMP requirements

● Project management experience, experience in monitoring and overseeing multiple tasks concurrently

● Knowledge/experience with Qmulos Q-Compliance, SharePoint, scanning tools, ServiceNow GRC, SPLUNK is preferred

● Ability to pass a federal government background investigation; the investigation will involve a credit, fingerprint, and law enforcement agency check

Selective Service Registration (Applicable to males born after December 31, 1959)

The Vendor Point of Contact (POC) is responsible for ensuring the appropriate Selective Service documentation is provided to the IRS, as applicable:

• Registered applicants: Official proof of registration must be obtained and saved from the Selective Service verification site:

• Non-registered applicants:

• Foreign-born individuals: Vendors must provide an official letter from the Selective Service indicating either that the individual was not required to register or that registration was required but is no longer possible.

• U.S. citizens or foreign-born individuals who were required to register but did not: Vendors must submit a written explanation demonstrating that the failure to register was neither knowing nor willful.

Federal Tax Compliance Requirement:

Federal Tax Compliance: All team members must be tax compliant and must remain compliant while actively working on IRS contracts. IRS will check tax compliance – no documentation is required but all applicants should consider this to be a formal notification of this requirement.

Benefits

OCT offers competitive compensation packages and a full suite of benefits which includes:

● Medical, Dental, and Vision insurance

● Retirement savings 401K plan provided by an industry leading provider with 3% employer contributions of the employee’s gross salary

● Paid Time Off and Standard Government Holidays

● Life Insurance, Short- and Long-Term disability benefits

● Training Benefits

Salary Range: $70,000 to $90,000 yearly commensurate with experience, education, etc.

About OCT Consulting

OCT Consulting LLC is a Small Business (SB) providing professional services and information technology solutions to the Federal government and commercial clients. Founded in 2013, we bring the agility of operations and a management team with a track record of leading successful engagements at major Federal government agencies.

At OCT, we believe in creating a work environment where employees can thrive based on their abilities, skills, and achievements. We are dedicated to providing career growth and professional development based on individual merit and fostering a workplace where everyone’s contributions are valued and recognized.