Jr. Information Security Analyst (Req:5301)

Job Title Jr. Information Security Analyst
Status Full-time
Location McLean, VA -
Work Status
U.S. Citizen
Positions that require U.S. citizenship or clearances are due to specific requirements of the U.S. government.
Clearance: Public Trust
Shift: Standard Business Hours
Description: Summit Technologies, Inc. is accepting resumes for an Information Security Analyst located in McLean, VA. You will have strong data analysis skills and be capable of utilizing, MS Access, Excel and SQL to perform said analysis. The candidate will also have a basic understanding of the NIST family of security controls and basic principles of system cyber security. This position requires a Public Trust Clearance.
Job Description:
  • The Information Security Analyst will primarily use Agency provided Risk Management Framework (RMF) support tools such as Telos Xacta IAM or RSA Archer to track and reconcile findings from security assessments, audits, and vulnerability scans.
  • You will work closely with team members, senior agency security officials, system owners, information security officers and other stakeholders.
  • Supporting other security program functions such as the Continuous Diagnostics and Mitigation (CDM) program, audit efforts, quality control, continuous monitoring, risk management and responding to ad hoc data calls.
  • The ideal candidate will possess a solid technical and writing background with a desire to learn and be involved in the establishing and maturing an Agency-wide information security program.
  • You would be apart of a larger team supporting the development and maturation of an Agency-wide information security program for a large civilian Federal agency.
  • Assisting in the maintenance of a vulnerability
  • Management process for the Agency,
  • Assisting in the management of InfoSec Program POA&Ms,
  • Auditing POA&Ms,
  • Analyzing vulnerabilities, POA&Ms and other findings,
  • Providing administrative support to Telos Xacta IAM and/or RSA Archer users
  • Researching and authoring policies and procedural documents, and Participating in peer review of deliverables.
Required Skills and Experience:
  • A Bachelor's Degree in Computer Science, Information Systems, Engineering, Business, or other related scientific or technical discipline. Experience can be substituted for education.
  • 0-2 years or more of relevant job experience.
  • US Citizenship.
  • Strong writing, editing, and oral communication skills including the ability to communicate complex technical issues to non-technical staff.
  • Demonstrated ability to prioritize and manage competing work assignments in a time sensitive environment.
  • Strong inter-personal and communications skills.
  • Experience with composing professional email correspondence.
  • Demonstration of ability to solve problems using best practices and systematic approach.
  • MS Office Suite (Word/Excel/Outlook)
  • Desired/But Not Required Tool Experience
  • Telos Xacta IAM, CDM Dashboard/RSA Archer, " BigFix
  • FoundStone Vulnerability Scanner
  • Security Content Automation Protocol (SCAP)
  • Symantec Endpoint
Desired Skills and Experience:
  • Experience working with Federal Information Security Modernization Act (FISMA), requirements, and National Institute of Standards and Technology (NIST) guidelines.
  • Experience applying, analyzing and assessing information systems and security controls (NIST SP 800-53, Rev 4).
  • Understanding of attack vectors and methodologies.
  • Knowledge of and experience with applying Common Weakness Enumeration (CWE) and Common Vulnerability Scoring System (CVSS).
  • Experience working with perimeter technologies (e.g., firewalls, proxies, NIDS) and vulnerability management tools.
  • Interest in learning the concepts of business development and capturing new business
  • Security+, CASP or equivalent security certification.
  • Experience with vulnerability management, patch management and configuration management best practices.
  • Knowledge and understanding of software development lifecycle (SDLC).
  • Working knowledge of CMMI and ITIL
Note: If you feel you are qualified and want to be considered for this position, please supply the following to dm.cts@summtech.com and please put the job number '5301' in the subject line. Summit Technologies Inc. appreciates your interest. We will contact the best matching prospects, and will consider you for future opportunities. We will not submit your resume without your prior knowledge and consent.
When applying, we need the following:
1) Latest resume with dates of employment included
2) Compensation requirements (salary or hourly)
3) Availability to interview (i.e. Friday before 11 AM EST)
4) Best way to get in touch with you (email address and mobile phone number)
5) Reason you are seeking new employment
6) Professional references
Diversity creates a healthier atmosphere: Summit is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law. Positions that require U.S. citizenship or clearances are due to specific requirements of the U.S. government and non-negotiable.