Information Assurance Analyst

Information Assurance Analyst Job Description Template

Our company is looking for a Information Assurance Analyst to join our team.

Responsibilities:

  • Ensure proper protection and / or corrective measures have been taken when an incident or vulnerability has been discovered;
  • Serve as alternate PKI registered agents as applicable;
  • Lead / conduct security IS education and training;
  • Continuous upkeep, monitoring, analysis, and response to Information System, network and security events;
  • Build weekly activity report and metrics slide;
  • Lead the authorization process for new hardware and software request;
  • Participates in internal/external security audits/inspections; performs risk assessments and Continuous Monitoring;
  • Oversee the completion of entry/exit forms for equipment and media entering secured areas;
  • Provide annual assessment support;
  • Conduct vulnerability scans of external media;
  • Evaluates proposed changes or additions to the information system, and advises senior site leadership of the security relevance.

Requirements:

  • Bachelor’s degree in related field preferred;
  • Operating System Certifications: SNORT IDPS/IPS Training Certificate based on current market offerings;
  • Some background in research and analysis;
  • Assist in the maintenance of security controls to ensure appropriate security posture;
  • Assist in monitoring and assessment of Information Assurance Vulnerability Alert (IAVA)/Information Assurance Vulnerability Bulletin (IAVB) process;
  • 5+ years of experience with vulnerability remediation;
  • GCIH a plus;
  • Detailed understanding of the Risk Management Framework (RMF), NIST, ICD, and CNSS standards;
  • Microsoft OS Certification (MCSE Win 7 or other);
  • 5+ years of experience performing wireless/web application/operating system/database vulnerability assessments;
  • Must be able to work in a constantly changing regulatory environment with short, mid, and long term timelines for remediating any non-compliance;
  • Current or ability to obtain DoD 8570 baseline certification for IAM III within 6 months;
  • Security hardening scripting/automation experience;
  • Risk Management Framework (RMF) monitoring and accreditation/re-accreditation process;
  • Background or understanding of System Security Plans (SSP).