Senior Information Assurance Analyst Job Description Template
Our company is looking for a Senior Information Assurance Analyst to join our team.
Responsibilities:
- Lead the authorization process for new hardware and software request;
- Build weekly activity report and metrics slide;
- Participates in internal/external security audits/inspections; performs risk assessments and Continuous Monitoring;
- Oversee the completion of entry/exit forms for equipment and media entering secured areas;
- Provide annual assessment support;
- Evaluates proposed changes or additions to the information system, and advises senior site leadership of the security relevance;
- Conduct vulnerability scans of external media;
- Ensure proper protection and / or corrective measures have been taken when an incident or vulnerability has been discovered;
- Serve as alternate PKI registered agents as applicable;
- Provide supplemental vulnerability management support;
- Continuous upkeep, monitoring, analysis, and response to Information System, network and security events;
- Lead / conduct security IS education and training.
Requirements:
- Requires a SECRET Government Security Clearance;
- Bachelor’s degree or equivalent and 3 years experience or 7+ years of IA experience;
- Holding an active Certified Information Systems Security Professional (CISSP) accreditation;
- Good writing and verbal presentation skills;
- Expert with Microsoft Windows, Linux, and system virtualization (multiple hypervisors) in a secure network environment;
- Familiarity with network technologies (LAN & WAN) and best practices within a classified environment to include crypto and key management;
- Security hardening scripting/automation experience;
- Background or understanding of System Security Plans (SSP);
- Past or current ISSM/ISSO experience;
- Minimum 10-15 years experience in related field;
- Detailed understanding of the Risk Management Framework (RMF), NIST, ICD, and CNSS standards;
- Must be able to work well within a team environment and able to adapt quickly to change;
- Must be able to work in a constantly changing regulatory environment with short, mid, and long term timelines for remediating any non-compliance;
- Microsoft OS Certification (MCSE Win 7 or other);
- Current or ability to obtain DoD 8570 baseline certification for IAM III within 6 months.