SRA International, Inc., A CSRA Company Sr. Cyber Security Analyst in Washington, District Of Columbia

Clearance Level Must Currently Possess:

No Active Clearance Required

Clearance Level Must Be Able to Obtain:

No Active Clearance Required

Suitability:

Public Trust

Job Family:

Information Technology

Job Description:

CSRA is looking for a Senior Cyber Security Analyst to support our federal client Federal Energy Regulatory Commission (FERC) located in Washington, DC. The Senior Cyber Security Analyst Provides leadership to a cyber-security program, implementing a Risk Management framework approach to managing agency risks. Matures the agency's cyber program to a Continuous Monitoring program approach. Develops accreditation packages, documents risks and recommendations, developed security memorandums. Reviews tests results and provides independent Q&A and validation of results. Manages risks by providing formal and information risk assessments and facilitates POA&M management.

The Senior Cyber Security Analyst develops cyber security programs, processes, policies, and procedures. Fosters cyber security awareness. Conducts cyber incident and event analysis and investigation. Assesses network vulnerabilities. Ensures necessary data protection and security controls.

Responsibilities:

The Senior Cyber Security Analyst will actively participate in conducting security assessments of systems to identify vulnerabilities, providing recommendations for their remediation, and assisting system owners in implementing effective safeguards. Validating that controls are risk rated and risk statements are clearly stated and capture the specific business impact to the judiciary in the event that a deficiency is exploited.

Additional responsibilities may include but are not limited to:

  • Developing security assessment plans for systems, including the objectives, scope, schedule, required documentation, possible risks, and other logistical items for security assessments

  • Develops cloud service provider testing approach

  • Provides validation of security control tests for cloud service provides

  • Coordinating access to systems and approvals for scanning activities

  • Conducting ad hoc testing on an as-needed basis to assist with development activities or vulnerability remediation

  • Reviewing/testing system security controls (managerial, operational, and technical) to determine adequacy against federal requirements (e.g., NIST SP 800-53) and mission context.

  • Documenting plans of action and milestones for corrective action following assessment activities and in response to identified vulnerabilities

  • Draft security policies and procedures including the system security plan, and agency specific policies in accordance with NIST requirements

  • Routinely conduct risk assessments to quantify impacts of vulnerabilities or decisions to the federal government.

Qualifications:

Education:

6-9+ Years; Bachelors, Desired Education: Masters.

Required Experience:

  • BS in Engineering, Computer Science or related Science degree

  • Experience with Risk Management Frameworks

  • Minimum of 3 years’ experience related to NIST 800-53a Rev 4 control testing/validation

  • Minimum of 6 years’ managing and conducting A&A engagements

  • Minimum of 5 years’ experience in information security fundamental/principles

Nice to Have:

  • Certified Information Systems Security Professional (CISSP)

  • Security+ Certified Information Security Manager (CISM)

  • Certified Ethical Hacker (CEH)

# of Openings:

1

Scheduled Weekly Hours:

40

T elecommuting Options:

Telecommuting Not Allowed

Work Location:

USA DC Washington - 888 First St NE (DCC123)

Additional Work Locations:

CSRA is committed to creating a diverse environment and is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

THINK NEXT. NOW.

CSRA is tomorrow’s thinking, today. To “Think Next. Now.” is to imagine a better future and to deliver it, today. For our customers, our partners, and ultimately, all the people our mission touches, CSRA is realizing the promise of technology to change the world through next-generation thinking and meaningful results.

We understand that our customers' missions require new methods and imaginative thinking. We bring together government IT professionals, emerging technologies, and the brightest, cutting-edge advisors in the industry to deliver a broad range of innovative, next-generation IT solutions and professional services to help our customers modernize their legacy systems, protect their networks and assets, and improve the effectiveness and efficiency of mission-critical functions for our warfighters and our citizens.

Everywhere you look, CSRA is there. We’re in our nation’s infrastructure, in training and education, in cyber security, in serving veterans who served us—and, so much more. Take some time to learn more about CSRA. You might be surprised to learn how we touch your life.

We are a company of 18,000+ smart, talented individuals, yet we enjoy a start-up culture that inspires us to make a difference while delivering results in this rapidly evolving world. Join our team and use your skills and expertise to support the safety, security, health and well-being of the nation.