Exact compensation may vary based on several factors, including skills, experience, and education.
Required Skills & Experience
5+ years of Security Analyst experience in for a government customer or software company
3+ years working in a Cloud environment, specifically supporting software in the cloud
Experience using Xacta or a similar tool for compliance assessments and security questionnaires
Experience writing SSP's and POAMs (not just editing, writing from scratch)
Experience running and analyzing security assessments
Nice to Have Skills & Experience
Bachelors degree in Comp Science or IT
Hands on experience with FedRAMP protocols
Job Description
This position is for our large cloud software client. The main function of an IT Security Analyst is to plan, coordinate, and implement security measures for information systems to regulate access to computer data files and prevent unauthorized modification, destruction or disclosure of information. A typical IT Security Analyst is responsible for planning, coordinating and implementing security measures to safeguard the computer database. This person has to be an IT skilled person, this role is not functional, it is more technical in the sense of knowing how security works in a cloud environment as they install their software for customers. Job Responsibilities: - Identify security issues and risks, and develop mitigation plans . - Architect, design, implement, support, and evaluate security-focused tools and services including project leadership roles. - Develop and interpret security policies and procedures. - Participate in security compliance efforts. - Develop and deliver training materials and perform general security awareness and specific security technology training . - Evaluate and recommend new and emerging security products and technologies. Qualifications: - Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security. - Consistent implementation of security solutions. - Experience in infrastructure or application-level vulnerability testing and auditing.