Information Security Analyst

Information Security Analyst

Information Systems Solutions (ISS) is looking for an Information Security Analyst supporting Fort Novosel, AL.

Specific duties include, but are not limited to the following:

• Responsible for maintaining the security posture of our program by conducting compliance checks and vulnerability scanning using the Assured Compliance Assessment Solution (ACAS)
• Requires a deep understanding of cybersecurity principles, risk management, and familiarity with various compliance frameworks
• Implement and manage the ACAS suite to conduct regular vulnerability scans across the programs' network infrastructure
• Analyze scan results, prioritize vulnerabilities based on risk, and report findings to relevant stakeholders
• Develop and maintain scanning policies and procedures to ensure comprehensive coverage of assets
• Work closely with IT and development teams to remediate identified vulnerabilities in a timely manner
• Ensure compliance with relevant cybersecurity frameworks, standards, and regulations (e.g., NIST)
• Assist in the development of System Security Plans (SSPs) and other documentation required for compliance purposes
• Collaborate with the compliance team to prepare for internal and external audits
• Provide technical guidance on security best practices and assist in security awareness training initiatives
• Stay current with emerging security threats, vulnerabilities, and controls
• Manage the Plan of Action and Milestones
• Prepare, review and update RMF documentation
• Participate in incident response activities as needed.

Why Work For ISS?

At ISS we pride ourselves on providing an employee-focused and family first environment. Being a small business, we take the time to get to know our employees and have a vested interest in helping them achieve their career goals. We work to schedule regular social gatherings within the company to foster camaraderie. ISS values their employees by providing a comprehensive benefits package that includes a fully vested 401(k) matching program, coverage of family medical deductibles, spot bonuses, and educational assistance to further your career.

Clearance Level

Secret clearance

Certifications (IAT Level II)

One of the following:

• CCNA-Security
• CySA+
• GICSP
• GSEC
• Security+ CE
• CND
• SSCP

Required Skills

• At least 4 years of experience in cybersecurity or equivalent field
• Bachelor’s degree or equivalent experience
• Knowledge with of the NAVINTEL ICD 503 Risk Management Framework (RMF) Implementation Policies/Directives and Dept. of Navy (DON) cybersecurity Policies/Directives.
• Knowledge and experience with automated tools such as Assured Compliance Assessment Solution (ACAS), Center for Internet Security (CIS) Benchmark, and Security Content Automation Protocol (SCAP), and Retina.
• Knowledge and experience of cybersecurity, A&A and RMF documentation development and support.