Responsibilities
Our SSA program in Baltimore, MD is looking for an
Information Security Analyst.
T his position is remote but must be within the local DMV area.
Some travel required. The successful candidate will be part of Peraton's Defense Mission and Health Solutions Sector.
What you will do:
The qualified applicant will provide IT Security Risk and Compliance support to various international and domestic SSA information systems and serve as an IT Security support resource to system stakeholders on matters related to regulatory compliance, security controls, threats and vulnerabilities.
Travel to assist with conducting each on-site assessment and to provide SME input.
Examine on-site assessment documents and supporting artifacts from contractors handling FTI.
Examine, interview and test activities during the on-site assessment in compliance with IRC 6103.
Provide guidance and consultative services that support SSA's governance of FTI.
Formally evaluate systems (either in development or in production) for compliance with IRS Publication 1075, IRC 6103, laws, regulations, and policies, and procedures related to protect the confidentiality of FTI.
Skillfully apply cybersecurity and other principles used to manage risk related to the use, processing, storage, destruction, and transmission of FTI or data.
Identify the effectiveness of controls set forth by IRC 6103.
Implement the TFA On-site Review Template to document proof that FTI safeguards are performing effectively and producing the required outcomes.
Examine all FTI safeguard implementation statements in the On-Site Review Template to ensure they accurately and completely reflect how each safeguard is implemented. Implementation statements shall reflect how the FTI safeguard is actually tested.
Interpret and evaluate the implementation of NIST 800-53A Rev 4 Security controls as passed or failed.
Collect technical and physical evidence, artifacts and document the findings to support conclusions.
Provide detailed and high level reports of the assessments and findings.
Evaluate proposed remediation of identified deficiencies.
Provide guidance, input, or assistance on assessments to staff.
Produce reports detailed enough to document POA&Ms from. If any questions arise the third party assessor is expected to provide timely answers.
Qualifications
Required Qualifications:
Bachelor's degree in Computer Science, Information Systems Management, or a related field with 5 years of experience. Masters degree with 3 years of relevant experience.
Additional 4 years of experience maybe accepted in lieu of the degree.
Knowledge of computer operating systems and networks, component architectures, application development, and/or data management processes and technologies – the successful candidate must understand the fundamental technical components, processes, and interactions of enterprise-level information systems
3 years of experience with fundamental information security concepts and processes such as risk assessment and mitigation strategies, security control techniques and technologies, assessment and evaluation methods, and user access control methodologies
Excellent analytic skills – the successful candidate must be able to receive information, digest it, and apply standards and requirements to that information and in order to produce a clear and effective evaluation / assessment
Demonstrated facility with technical documentation
Ability to effectively manage time, and prioritize and execute tasks in a high-pressure environment
Must be able to pass required Federal background screening / security check including basic and expanded investigations
One or more industry certifications including CISSP, CAP, SANS GIAC Certifications, IAT or IAM Level I-III, or NSA's IAM/IEM
Desire and ability to quickly obtain industry certifications, if needed
Must be a US Citizen
Must be able to obtain and maintain the required agency clearance
Preferred Qualifications:
Candidates with these desired skills will be given preferential consideration:
Knowledge of executing examination, interview, testing and collecting all relevant information.
Ability to analyze collected data and proposed mitigating recommendations.
Ability to make decisions based upon analysis of documentation.
Ability to provide advice and technical support to SSA staff.
Knowledge in assessment activities.
Skill in applying risk management process (e.g., methods for assessing).
Active Public Trust clearance
Peraton Overview
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.
Target Salary Range
$86,000 - $138,000. This represents the typical salary range for this position based on experience and other factors.
