Senior Information Security Analyst 302
IC-CAP LLC is a Woman Owned / HUBZone Small Business working in the Department of Defense and Intelligence Community. We are always looking for highly talented, energetic, and dynamic professionals that are interested in protecting the defense of our nation.
We are looking to fill this position at the following location(s):
- Washington, DC
Senior Information Security Analyst (Senior Principal Computer System Security Analyst):
Candidates will be working to support the transformation of all-source analysis with location-based object services. Visualizing and recreating the tools to assist analysts with protecting our nation. We also have positions available in Northern Viriginia.
Possesses and applies a comprehensive knowledge across key tasks and high impact assignments. Plans and leads major technology assignments. Evaluates performance results and recommends major changes affecting short-term project growth and success. Functions as a technical expert across multiple project assignments. May supervise others.
Designs, tests, and implements state-of-the-art secure operating systems, networks, and database products. Conducts risk assessment and provides recommendations for application design. Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access. Uses encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research. May prepare security reports to regulatory agencies
9+ Years’ experience
Bachelor of Science degree
Systems Security Analyst performs TALOS application security activities related to software system security implementations and controls for all CLINs
Leads application security testers and pen testers, and ensures DAST and SAST approaches are effectively applied by scrum teams during the development and maintenance of applications, microservices, and systems
Develops scripts as needed to automate security testing
Coordinates with the DevOps Lead to incorporate security implementation, testing, and monitoring into the DevOpsSec pipeline
Leads security testers to identify vulnerabilities, confirm whether vulnerabilities are exploitable or false positives, and that secure coding best practices are followed by developers
Participates in scrum sessions with development teams to provide oversight and direction regarding selection and implementation of security controls
Collaborates with the Enterprise Operations and Event Monitoring and Management team to coordinate monitoring requirements for new and modified software
Prepares and delivers security documentation including Bodies of Evidence and System Security
Plan Updates in accordance with the Risk Management Framework (RMF) process.
TS/SCI with CI poly