Job Description :
We are looking for mid-range and senior Security Analyst. Best rate market
Location: Baltimore
Federal client
Rate: DOE
Position Overview:
- Responsible for planning and implementing risk management strategies, processes and programs. Manages resolution of incidents / problems throughout the information system lifecycle, including classification, prioritization and initiation of action, documentation of root causes and implementation of remedies. Development and execution of information risk controls and management strategies. Procures and governs information risk management services and consultants.
- The implementation of organization-wide processes and procedures for the management of operational risk.
- The development of and execution of information risk controls and management strategies to maintain the confidentiality, integrity, availability, accountability and relevant compliance of information systems.
- The resolution of incidents and problems throughout the information system lifecycle, including classification, prioritization and initiation of action, documentation of root causes and implementation of remedies.
- This role will specialize on a specific technology and/or risk management discipline. Examples of specialization areas can be any technology, technique, method, product or application area as they pertain to the disciplines of information security, privacy, disaster recovery, and regulatory compliance.
- Works under general supervision.
- Uses discretion in identifying and resolving complex problems and assignments.
- Specific instruction is usually given and work is reviewed at frequent milestones.
- Decisions may impact work assigned to individual/phases of project.
- Specialized range of work, of relatively less complexity and standard, in variety of environments.
- Uses best practices and knowledge of internal or external business issues to improve products or services
- Acts as a resource for colleagues with less experience
- Decisions guided by policies, procedures and business plan
- Generally domestic scope/accountability
Preferred Qualifications:
- 5 years’ experience as a Security Analyst
- Bachelor''s Degree in Computer Science, Information Systems, or related field.
- CISSP Certified. Other certifications a plus (ie. ABCP, CFCP, CIPP, CISA, FBCP, GCIH, GCFA, GCFW, GCWN, GSEC, SANS
Basic understanding the following security domains with technical expertise in at least one:
- Access Control Systems and Methodology
- Telecommunications and Network Security
- Business Continuity Planning and Disaster Recovery Planning
- Security Management Practices
- Security Architecture and Models
- Law, Investigation, and Ethics
- Application and Systems Development Security
- Computer Operations Security
- Physical Security
- Relevant industry standards awareness / governmental regulations awareness
- Disaster Recovery Domain
Basic understanding of the following Business Continuity domain areas with technical expertise in at least two:
- Project Initiation and Management
- Risk Evaluation and Control
- Business Impact Analysis
- Developing Business Continuity Strategies
- Awareness and Training Programs
- Exercising and Maintaining Business Continuity Plans
- Public Relations and Crisis Coordination
- Coordinating with External Agencies
- Relevant industry standards awareness / governmental program awareness.