Cyber Information Security Analyst
Job Description Cyber Information Security Analyst Position Description CGI Federal is seeking a qualified Cyber Information Security Analyst that will support the CGI Federal ISSO Support Team.
.
The CGI Federal Information System Security Officer (ISSO) provides guidance and oversight to project teams, client groups, and delivery teams in support of security governance and compliance for the services CGI Federal is delivering.
The ISSO member will participate as part of a security team that supports projects information security needs to comply with Federal agency's comprehensive security program to include NIST Risk Management Framework and FedRAMP authorizations.
Your future duties and responsibilities The responsibilities of the Cyber Information Security Analyst include, but are not limited to:
Maintain operational security posture for an information system or program to ensure information systems security design, implementation, management and review of policies, standards, baselines, procedures, and guidelines are established and followed.
Understand the business functions to help ensure business is conducted as securely as possible.
Create and review documentation to support Systems Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).
Identify, manage and monitor POA&Ms, assisting Business Units or Clients in improving the quality and effectiveness of their POAMs.
Provide guidance through remediation as well as develop corrective action plans for each POA&Ms.
Provide continuous monitoring and event-driven monitoring management services to include running adhoc or on demand scanning of project teams environment.
Identify assets and associated vulnerabilities and provide recommendations for remediation.
Ensure audit records and event logs are collected, reviewed, and documented (to include any anomalies) Document security breaches and assess their damage.
Provide configuration management (CM) for information system security software, hardware, and firmware; manage changes to system and assess the security impact of those changes.
Work with multiple teams and client project team members and establish and maintain a strong customer-focused working relationship.
Assist the System Owner operate the system as securely as possible to fulfill mission requirements.
Establish and maintain regular written and in-person communications with the organization's executives, department heads and end users regarding pertinent security activities.
Keep up to date with developments in IT security standards and threats.
Provide detailed and accurate technical reporting of analysis results in the form of PowerPoint presentations and/or Word documents, as well as oral briefings on complex technical subjects attuned to senior management, technical, or non-technical audiences.
Required qualifications to be successful in this role Minimum of five (5) to eight (8) years of Cyber Information Security Analysis.
Experience with FedRAMP and NIST compliance; Experience with cloud security for AWS, and Azure environments; Experience with network architecture concepts, common ports and protocols, and network monitoring tools; Experience with writing clear and concise technical documents specifically policies, processes, and procedural documentation; Experience with Nessus and Trend Micro solutions; Organizational skills and the ability to work autonomously with attention to detail and processes; Excellent communication skills with experience providing incident briefings to peers, management and clients; Excellent written skills with experience creating formal incident reports.
DESIRED QUALIFICATIONS Industry recognized professional certification such as CISSP, Security
Experience with NIST 800-53 Direct experience with certification and accreditation techniques and methodologies AWS Cloud Practitioner #CGIFederalJob Est.
Salary Range (Colorado Only):
$66,000 - 135,000
Disclaimer:
In accordance with Colorado's Equal Pay for Equal Work Act, effective January 1, 2021, a good faith hourly or base salary range must be posted for all positions where the work may be performed in the state of Colorado.
Therefore, this good faith salary range will only apply where this described position will be performed in the state, and should not be considered the compensation range in other locations or for other positions.
At CGI we call our professionals members to reinforce that all who join our team are, as owners, empowered to participate in the challenges and rewards that come from building a world-class company.
CGI's benefits include:
Competitive base salaries Eligibility to participate in an attractive Share Purchase Plan (SPP) in which the company matches dollar-for-dollar contributions made by eligible employees, up to a maximum, for their job category 401(k) Plan and Profit Participation for eligible members.
Estimated Salary: $20 to $28 per hour based on qualifications.
.
The CGI Federal Information System Security Officer (ISSO) provides guidance and oversight to project teams, client groups, and delivery teams in support of security governance and compliance for the services CGI Federal is delivering.
The ISSO member will participate as part of a security team that supports projects information security needs to comply with Federal agency's comprehensive security program to include NIST Risk Management Framework and FedRAMP authorizations.
Your future duties and responsibilities The responsibilities of the Cyber Information Security Analyst include, but are not limited to:
Maintain operational security posture for an information system or program to ensure information systems security design, implementation, management and review of policies, standards, baselines, procedures, and guidelines are established and followed.
Understand the business functions to help ensure business is conducted as securely as possible.
Create and review documentation to support Systems Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs).
Identify, manage and monitor POA&Ms, assisting Business Units or Clients in improving the quality and effectiveness of their POAMs.
Provide guidance through remediation as well as develop corrective action plans for each POA&Ms.
Provide continuous monitoring and event-driven monitoring management services to include running adhoc or on demand scanning of project teams environment.
Identify assets and associated vulnerabilities and provide recommendations for remediation.
Ensure audit records and event logs are collected, reviewed, and documented (to include any anomalies) Document security breaches and assess their damage.
Provide configuration management (CM) for information system security software, hardware, and firmware; manage changes to system and assess the security impact of those changes.
Work with multiple teams and client project team members and establish and maintain a strong customer-focused working relationship.
Assist the System Owner operate the system as securely as possible to fulfill mission requirements.
Establish and maintain regular written and in-person communications with the organization's executives, department heads and end users regarding pertinent security activities.
Keep up to date with developments in IT security standards and threats.
Provide detailed and accurate technical reporting of analysis results in the form of PowerPoint presentations and/or Word documents, as well as oral briefings on complex technical subjects attuned to senior management, technical, or non-technical audiences.
Required qualifications to be successful in this role Minimum of five (5) to eight (8) years of Cyber Information Security Analysis.
Experience with FedRAMP and NIST compliance; Experience with cloud security for AWS, and Azure environments; Experience with network architecture concepts, common ports and protocols, and network monitoring tools; Experience with writing clear and concise technical documents specifically policies, processes, and procedural documentation; Experience with Nessus and Trend Micro solutions; Organizational skills and the ability to work autonomously with attention to detail and processes; Excellent communication skills with experience providing incident briefings to peers, management and clients; Excellent written skills with experience creating formal incident reports.
DESIRED QUALIFICATIONS Industry recognized professional certification such as CISSP, Security
Experience with NIST 800-53 Direct experience with certification and accreditation techniques and methodologies AWS Cloud Practitioner #CGIFederalJob Est.
Salary Range (Colorado Only):
$66,000 - 135,000
Disclaimer:
In accordance with Colorado's Equal Pay for Equal Work Act, effective January 1, 2021, a good faith hourly or base salary range must be posted for all positions where the work may be performed in the state of Colorado.
Therefore, this good faith salary range will only apply where this described position will be performed in the state, and should not be considered the compensation range in other locations or for other positions.
At CGI we call our professionals members to reinforce that all who join our team are, as owners, empowered to participate in the challenges and rewards that come from building a world-class company.
CGI's benefits include:
Competitive base salaries Eligibility to participate in an attractive Share Purchase Plan (SPP) in which the company matches dollar-for-dollar contributions made by eligible employees, up to a maximum, for their job category 401(k) Plan and Profit Participation for eligible members.
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
