Security Analyst

Description

This position requires Secret Security Clearance

COMPANY OVERVIEW

Founded in 2008, LNO, Inc. is a rapidly growing SBA certified Service-Disabled Veteran-Owned Small Business (SDVOSB) and Native American-Owned business headquartered in Augusta, Georgia. We are a proven team of highly experienced former service members, Instructors, System Engineers, Network Administrators, Cybersecurity Experts, Electronics Technicians, Field Service Engineers, Systems Designers, Logisticians, and Project Management professionals. Our core capabilities include delivering leading-edge solutions to the most common technology challenges we are asked to solve such as Systems Integration, Equipment Configuration and Validation, Network Modernization, Cybersecurity Operations, Mission Operations, and Technology and Business Training.

POSITION OVERVIEW

Security Analyst supporting Diplomatic Security at the Department of State in the Office of the Chief Technology Officer (CTO). CTO is the primary IT group within the Bureau of Diplomatic Security, providing many web applications and other services used by Federal and local law enforcement officers worldwide.

RESPONSIBILITIES

• Assessing systems for compliance for security controls throughout system development life cycle and continuous monitoring phase.
• Familiar with NIST Rev 4 and 5 security controls.
• Documenting security control implementation statements.
• The ability to create and comprehend topology and network diagrams.
• Demonstrated experience creating system continuous monitoring and contingency plans that identify critical mission and business functions and recovery processes and procedures.
• Work with application project teams and operations teams to complete RMF steps 1 through 3, as required for RMF steps 4,5 and, 6.
• Produce, develop, and maintain all required security documentation.
• Complete a weekly activity report.
• Provide recommendations and guidance for all non-compliant security controls
• Responsible for knowledge of and assisting project teams and registering systems in iMatrix and Xacta.
• Request, gather, and comprehend evidence required to closeout open POAMS.
• Execution and knowledge of FISMA tasks consist of system authorization/reauthorization, Privacy Impact Assessments, system security categorization, and development of required security documentation required for DS application systems
• Conduct comprehensive self-assessments consisting of automated and manual security assessments of the management, operational, and technical security controls employed within or inherited by DS information systems to determine the overall effectiveness of the controls
• All other duties assigned

QUALIFICATIONS

Preferred

• Certified Information Systems Security Professional (CISSP) and/or a Certified Information Systems Auditor (CISA)
• Prior server, networking, or application administrative, engineering or system architect experience.
• Experience working in a matrix organizational structure.
• Previous experience using Xacta, JIRA, and/or Service Now
• Some knowledge of SDLC, project manage principles, and ITIL.
• Knowledge of the FAM and FAH Policies

Required

• B.A and/or B.S.
• A minimum of five to seven (5-7) years of experience in performing system and application certifications and accreditations.
• Expert in the processes and documentation requirements for numerous C&A methodologies
• CISM, CISSP, CAP and/or other equivalent certificates
• Advanced practical experience in managing all phases of systems C&A activities ranging from early concept development to system retirement.
• Demonstrated experience supporting Government Agencies preferably DOS.
• Proficient or able to gain proficiency with a broad array of security software application and tools
• Organized with attention to detail
• Willing to learn