Information Assurance Analyst Job Description Template
Our company is looking for a Information Assurance Analyst to join our team.
Responsibilities:
- Ensure proper protection and / or corrective measures have been taken when an incident or vulnerability has been discovered;
- Serve as alternate PKI registered agents as applicable;
- Lead / conduct security IS education and training;
- Continuous upkeep, monitoring, analysis, and response to Information System, network and security events;
- Build weekly activity report and metrics slide;
- Lead the authorization process for new hardware and software request;
- Participates in internal/external security audits/inspections; performs risk assessments and Continuous Monitoring;
- Oversee the completion of entry/exit forms for equipment and media entering secured areas;
- Provide annual assessment support;
- Conduct vulnerability scans of external media;
- Evaluates proposed changes or additions to the information system, and advises senior site leadership of the security relevance.
Requirements:
- Bachelor’s degree in related field preferred;
- Operating System Certifications: SNORT IDPS/IPS Training Certificate based on current market offerings;
- Some background in research and analysis;
- Assist in the maintenance of security controls to ensure appropriate security posture;
- Assist in monitoring and assessment of Information Assurance Vulnerability Alert (IAVA)/Information Assurance Vulnerability Bulletin (IAVB) process;
- 5+ years of experience with vulnerability remediation;
- GCIH a plus;
- Detailed understanding of the Risk Management Framework (RMF), NIST, ICD, and CNSS standards;
- Microsoft OS Certification (MCSE Win 7 or other);
- 5+ years of experience performing wireless/web application/operating system/database vulnerability assessments;
- Must be able to work in a constantly changing regulatory environment with short, mid, and long term timelines for remediating any non-compliance;
- Current or ability to obtain DoD 8570 baseline certification for IAM III within 6 months;
- Security hardening scripting/automation experience;
- Risk Management Framework (RMF) monitoring and accreditation/re-accreditation process;
- Background or understanding of System Security Plans (SSP).