It Security Analyst–Security Systems & Operations

Job Title: IT - Cyber Security Specialist IV

Location work will be performed: Arlington VA

This individual will be able to provide support remotely without mileage limitations. Preferred if candidate lived within driving distance of Arlington, VA office though, so they can provide in person support if needed.

: Job Title: IT Security Analyst– Security Systems & Operations

We are seeking an IT Security Analyst for Systems Security and Operations.The IT Security Office is responsible for protecting the information and assets within the OIG’s information technology infrastructure. The OIG’s information resources are sensitive assets and are critical in the performance of its mission; therefore, information security services help safeguard the information resources entrusted to the OIG.

Position Description

Manages and administers a wide range of security systems and tools:

• Conducts cyber threat and vulnerability analysis and remediation.
• Serves as Incident Response Team member.
• Develops security architecture and technical solutions for security products.
• Evaluates, recommends, and implements security controls for mobile device solutions.
• Develops and executes project plans to engineer, construct, deploy, and monitor/manage IT Security infrastructure solutions.
• Reviews new and existing systems to ensure baseline security requirements are met and to recommend security enhancements.
• Identifies security risks and recommends risk mitigation strategies.
• Manages IT Security awareness training program in coordination with the Learning Management team, to including developing and delivering IT Security awareness training modules.
• Manages security incident detection, response, remediation.
• Evaluates, recommends, and implements security controls associated with cloud-hosted environments, services, and solutions.
• Responds to IT Security trouble tickets generated by customers and IT staff. Identifies solutions, works with customer andOCIOteam to execute solutions, and manages ticket input, updates, and resolution in theOCIOticketingsystem to maintain service level agreements.
• Manages Password Management system in coordination with Service Desk.
• Operates cloud-based security tools such as, Azure Security Center (Sentinel, Log Analytics, Azure WAF, Defender for Identity, Privileged Identity Manager); Microsoft 365 Security Suite (Defender, Advanced Threat Protection, Cloud Application Security, Protection Portal); Microsoft Security and Compliance Center; Microsoft Endpoint Manager (Intune); multi-factor authentication (MFA); web content filtering; and secure document sharing and collaboration solutions.
• Demonstrates in-depth understanding of security requirements associated with cloud- hosted environments, services, and solutions.
• Responsible for primary or alternate management of all IT Security systems including patch management, upgrades, integration engineering, and reportingExecutes security related operational activities
• Administers cloud-based security tools such as, Azure Security Center (Sentinel, Log Analytics, Azure WAF, Defender for Identity, Privileged Identity Manager); Microsoft 365 Security Suite (Defender, Advanced Threat Protection, Cloud Application Security, Protection Portal); Microsoft Security and Compliance Center; Microsoft Endpoint Manager (Intune); multi-factor authentication (MFA); web content filtering; and secure document sharing and collaboration solutions.
• Develops security metrics and manages reporting and compliance.
• Supports operational implementation ofFISMA/NISTstandards and industry best practices.
• Supports Security Operations and Engineering by providing technical solution support and expertise
• Collaborates with staff from OCIO and other business components to develop security controls and solutions for complex business systems and applications.

Primary Requirements:

• Ability to effectively communicate both orally and in writing with management and other technical specialists.
• Must have resided in the US for the last 5 years.
• Skill in making recommendations that significantly influence OIG’s information security policies or programs. Experience building policies and preparing briefings to explain security programs and requirements to senior executives.
• MUST have a Degree in Information Assurance, Information Systems, Computer Science, or related field.
• Microsoft certification(s): Azure Security Engineer Associate, Security Operation Analyst Associate, Identity and Access Administrator Associate, Information Protection Administrator Associate (desired)
• MUST have at least 7 years of specialized IT experience with at least 5 years in IT Security.
• SANS GIAC or ISC2 certification(s) (or equivalent)
• Demonstrated knowledge of and ability to configure, manage, and administer cloud-based security tools such as, Azure Security Center (Sentinel, Log Analytics, Azure WAF, Defender for Identity, Privileged Identity Manager); Microsoft 365 Security Suite (Defender, Advanced Threat Protection, Cloud Application Security, Protection Portal); Microsoft Security and Compliance Center; Microsoft Endpoint Manager (Intune); multi-factor authentication (MFA); web content filtering; and secure document sharing and collaboration solutions.
• Ability to plan, organize and manage tasks on time with minimal supervision.
• Ability to ensure coordination and collaboration on security activities.
• Experience developing System Security Plans, Security Assessment Reports, Continuous Monitoring Plans, and Plans of Action & Milestones.
• Skill & Ability to provide expert technical advice, guidance, and recommendations to management and other technical specialists on critical information technology security issues.
• Knowledge of security controls for cloud-hosted environments, applications, and services.
• Must be able to obtain a Position of Public Trust Clearance – US Citizen or Permanent Resident (Green Card Holder), and must not have traveled outside the US for a combined total of 6 months or more in last 5 years.
• Skill & Ability to assess risk factors and advise on vulnerability to attack from a variety of sources and procedures for protection of systems and applications.
• Skill and Ability in executing Security Operations including incident detection, identification, management, response, and reporting. Must have experience in incident response and management.
• Knowledge & Skill in implementing FISMA, NIST, OMB guidelines, and other Federal regulations and guidance. Experience interpreting and implementing FISMA/NIST requirements focused on the operational implementation and documentation of those requirements.

Thanks & Regards,

Tellamekala Golla Vamsi

IT Recruiter

Lucid Technologies Inc

O: 214-385-4144 Ext: 214

F: 214-889-5857­­­

W: www.LucidTechINC.com

Supplier Registration: https://lucidtechinc.com/supplierregistration