Full-time
Senior IT Security Analyst (Cambridge, MA, Rockville, MD, or Boulder, CO)

Opportunity

 

Abt Associates seeks a qualified Senior IT Security Analyst to support the Information Technology department in either the Cambridge, MA, Rockville, MD, or Boulder, CO, office. The candidate will join an existing IT Security team that has responsibility for designing, implementing and supporting information security solutions for a global think tank. We are seeking a driven and engaged Information Security Analyst to define, promote, and ensure the security implementation and architecture of our existing and upcoming systems through proper planning, design, installation, maintenance, management, and coordination of security standards and frameworks.

 

Key Roles and Responsibilities

 

  • Responsible for baseline configurations and design; defining and ensuring compliance with a patching (and backup) processes; vulnerability scanning of applications and systems; defining security metrics and reporting; embedding security into our system development lifecycle process; and other security related duties
  • Responsible for multiple aspects of project delivery; may require gathering and working outside Information Security group to execute
  • Participates in IT-system and application designs by providing security requirements and perspective during the requirements and initial build phases
  • Documents and articulates security standards for a wide range of products including network devices, virtual machines, mobile devices, and application development
  • Creates, documents, and defines security processes, policies, and procedures
  • Supports the SDLC definition by defining, managing, and supporting security control gates and review points as a member of a change control boards
  • Manages vulnerability scans and the recommendations associated with each scan
  • Assists the Information Technology and other departments with patching and security related activities   

 

Preferred Skills / Prerequisites

 

  • Bachelor's Degree or higher in Information Security, Computer Science, or a related technical discipline
  • 5-10 years of relevant work experience implementing technical security policies and practices
  • Advanced skills in SIEM technologies (such as Elastic); Firewalls; TCP/IP networking; virtualized client/server environments; application development and architectures; and remote management and troubleshooting
  • Works with minimal direct management
  • Thorough understanding of networking, system administration, architectures and security elements to include firewalls, intrusion detection systems, virtualization technologies, encryption, and servers
  • Ability to identify, understand, articulate, and manage risks across technical disciplines and business units able to provide prioritization and remediation efforts in a timely and repeatable manner for identified risks
  • Strong ability to document a system at various levels of detail ranging from specific implementation of controls for security plans to high-level Visio diagrams and descriptions for Concept of Operations
  • Experience running meetings and developing meaningful agenda, minutes, and action plans
  • Familiarity with regulatory and legal requirements (i.e., FISMA, SOX, HIPAA requirements) a plus
  • Strong analytical skills and attention to detail
  • Excellent time management skills, and the ability to prioritize and multi-task while proactively managing customer expectations
  • Ability to work efficiently and independently with minimal supervision (i.e. self-motivated and willing to stretch to meet important deadlines
  • Certified Information Systems Security Professional (CISSP) certification, SANS and other InfoSec related certification a plus

 

Minimum Qualifications

 

  • 5-7 years of experience in Information Technology with a preference for 3-5 years in Information Security
Apply for this job  or Save to My Jobs

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.