Data Systems Analysts, Inc.
Intermediate Information Security Analyst
Data Systems Analysts, Inc. - Fairfax, Virginia, United States, 22032
Work at Data Systems Analysts, Inc.
Overview
- View job
Overview
Intermediate Information Security Analyst
DSA is hiring an Intermediate Information Security Analyst. This is a full-time position supporting a customer in the DC Metro area with a HYBRID Schedule. This position supports the Environmental Protection Agency (EPA). DSA is the Prime and has been working with this customer on this contract for more than 13 years. It is a dynamic team with a passion for supporting Federal programs that serve US Citizens.
Location is Hybrid: Allows the candidate the ability to work onsite at DSA or customer site with potential for telework. DSA work locations include Fairfax VA.
Work Location is flexible with telework as approved. The ability to work onsite each week is required. Core work hours dedicated to DSA and our direct customer are 8 am est to 5 pm est.
The Environmental Protection Agency (EPA) Office of Information Security and Privacy (OISP) is responsible for developing and maintaining agency wide information security and privacy programs; developing and maintaining information security and privacy policies, procedures, and control techniques; training personnel with significant information security responsibilities and assisting senior agency officials with information security and privacy responsibilities.
The Intermediate Information Security Analyst will be an integral part of a team responsible for supporting the development and maturation of an Agency-wide information security (InfoSec) program for a large civilian Federal agency. The candidate will serve as a subject matter expert with regards to the Risk Management Framework (RMF) and all associated information security policies and procedures and should possess in-depth knowledge of applying, selecting and testing the NIST family of security controls.
Primary Responsibilities: Advising stakeholders on InfoSec initiatives including compliance, awareness and training, and security operations. Leading Independent Validation and Verification (IV&V) efforts on security authorization/ATO packages to ensure compliance to agency requirements. Leveraging the existing Governance, Risk, and Compliance (GRC) tool, Telos Xacta (or an alternate like CSAM or RSA Archer), to track and reconcile findings from assessments, audits, and vulnerability scans. Coordinating government data calls (FISMA, FMFIA, BDR, etc.) and monthly reports. Assessing the effectiveness of the InfoSec and privacy training program and leading the collection, analyzing, and presentation of enterprise-level InfoSec performance metrics. Managing InfoSec Program POA&Ms, including advising on remediation efforts. Providing administrative support to Xacta (or equivalent GRC tool) users and authoring operational procedures. Working closely with senior agency security officials, system owners, information system security officers (ISSOs) and other stakeholders to advise and implement security solutions. Identifying opportunities for efficiencies in work process and innovative approaches. Participating in team problem solving efforts and offer ideas to solve client issues. Preparing and assisting in the development of policy and procedures. Conducting relevant research, data analysis, and developing reports. Preparing and assisting in the development of policy and procedures for program-level management and promoting consistency in program management best practices. Implementing processes and procedures to monitor risk across programs / projects. Preparing briefings to executive team to debrief the results of studies, analyses, and plans.
Required Qualifications: Ability to obtain a Public Trust Bachelor's degree in Information Technology or related field and 5 years of relevant IA experience. May substitute security certification (e.g. CISSP) for 2 years of experience. Excellent written and verbal communication skills. Possess in-depth knowledge of applying, selecting and testing the NIST 800-53 Rev 4 security controls. Possess in-depth knowledge of NIST 800-37 Risk Management Framework. Experience with a Governance, Risk and Compliance tool (e.g., Xacta, RSA Archer, CSAM or eMASS). Excellent attention to detail. Ability to handle and prioritize multiple tasks and deadlines. Possible travel to DC Client site/DSA office for badging/equipment. Desired Qualifications: Intermediate level cybersecurity certification (e.g., CompTIA Security+, ISC2 CGRC). In-depth knowledge of applying, selecting and testing the NIST 800-53 Rev 5 security controls. Public Trust #DSA209 #LI-CW1 Many of DSA's positions require the ability to obtain a security clearance. Security clearances may only be granted to U.S. citizens. In addition, applicants who accept a conditional offer of employment may be subject to government security investigation(s) and must meet eligibility requirements for access to classified information. DSA is proud to be an Equal Opportunity Employer. DSA is committed to treating all employees and applicants for employment with respect and dignity and maintaining a workplace that is free from unlawful discrimination. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status. DSA requires background checks , where permitted , by law. DSA is an E-Verify Employer.
Create a Job Alert Interested in building your career at Data Systems Analysts, Inc.? Get future opportunities sent straight to your email. Apply for this job
indicates a required field First Name * Last Name * Preferred First Name Email * Phone * Resume/CV * Enter manually Accepted file types: pdf, doc, docx, txt, rtf Street Address * City * State * Select... Clearance * Select... Have you ever been convicted of a crime or violation other than a minor traffic violation? (A conviction record will not necessarily be a bar to employment. Factors such as job relations, age and time of offense, seriousness and nature of the violation and rehabilitation will be taken into account.) If yes, please explain. * LinkedIn Profile Website Do you plan on working more than one full time position (over-employment) with another company if you are hired at DSA Inc.? If yes, please explain. * What are your salary requirements? Voluntary Self-Identification
For government reporting purposes, we ask candidates to respond to the below self-identification survey.Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiringprocess or thereafter. Any information that you do provide will be recorded and maintained in aconfidential file. As set forth in Data Systems Analysts, Inc.’s Equal Employment Opportunity policy,we do not discriminate on the basis of any protected group status under any applicable law. If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection.As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measurethe effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categoriesis as follows: A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability. A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service. An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense. An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985. Select... Voluntary Self-Identification of Disability
Form CC-305 Page 1 of 1 OMB Control Number 1250-0005 Expires 04/30/2026 Voluntary Self-Identification of Disability Form CC-305 Page 1 of 1 OMB Control Number 1250-0005 Expires 04/30/2026 Why are you being asked to complete this form?
We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years. Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp . How do you know if you have a disability?
A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability.
Disabilities include, but are not limited to: Alcohol or other substance use disorder (not currently using drugs illegally) Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS Blind or low vision Cancer (past or present) Cardiovascular or heart disease Celiac disease Cerebral palsy Deaf or serious difficulty hearing Diabetes Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders Epilepsy or other seizure disorder Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome Intellectual or developmental disability Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD Missing limbs or partially missing limbs Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS) Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities Partial or complete paralysis (any cause) Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema Short stature (dwarfism) Traumatic brain injury
Disability Status Select... PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.
#J-18808-Ljbffr
DSA is hiring an Intermediate Information Security Analyst. This is a full-time position supporting a customer in the DC Metro area with a HYBRID Schedule. This position supports the Environmental Protection Agency (EPA). DSA is the Prime and has been working with this customer on this contract for more than 13 years. It is a dynamic team with a passion for supporting Federal programs that serve US Citizens.
Location is Hybrid: Allows the candidate the ability to work onsite at DSA or customer site with potential for telework. DSA work locations include Fairfax VA.
Work Location is flexible with telework as approved. The ability to work onsite each week is required. Core work hours dedicated to DSA and our direct customer are 8 am est to 5 pm est.
The Environmental Protection Agency (EPA) Office of Information Security and Privacy (OISP) is responsible for developing and maintaining agency wide information security and privacy programs; developing and maintaining information security and privacy policies, procedures, and control techniques; training personnel with significant information security responsibilities and assisting senior agency officials with information security and privacy responsibilities.
The Intermediate Information Security Analyst will be an integral part of a team responsible for supporting the development and maturation of an Agency-wide information security (InfoSec) program for a large civilian Federal agency. The candidate will serve as a subject matter expert with regards to the Risk Management Framework (RMF) and all associated information security policies and procedures and should possess in-depth knowledge of applying, selecting and testing the NIST family of security controls.
Primary Responsibilities: Advising stakeholders on InfoSec initiatives including compliance, awareness and training, and security operations. Leading Independent Validation and Verification (IV&V) efforts on security authorization/ATO packages to ensure compliance to agency requirements. Leveraging the existing Governance, Risk, and Compliance (GRC) tool, Telos Xacta (or an alternate like CSAM or RSA Archer), to track and reconcile findings from assessments, audits, and vulnerability scans. Coordinating government data calls (FISMA, FMFIA, BDR, etc.) and monthly reports. Assessing the effectiveness of the InfoSec and privacy training program and leading the collection, analyzing, and presentation of enterprise-level InfoSec performance metrics. Managing InfoSec Program POA&Ms, including advising on remediation efforts. Providing administrative support to Xacta (or equivalent GRC tool) users and authoring operational procedures. Working closely with senior agency security officials, system owners, information system security officers (ISSOs) and other stakeholders to advise and implement security solutions. Identifying opportunities for efficiencies in work process and innovative approaches. Participating in team problem solving efforts and offer ideas to solve client issues. Preparing and assisting in the development of policy and procedures. Conducting relevant research, data analysis, and developing reports. Preparing and assisting in the development of policy and procedures for program-level management and promoting consistency in program management best practices. Implementing processes and procedures to monitor risk across programs / projects. Preparing briefings to executive team to debrief the results of studies, analyses, and plans.
Required Qualifications: Ability to obtain a Public Trust Bachelor's degree in Information Technology or related field and 5 years of relevant IA experience. May substitute security certification (e.g. CISSP) for 2 years of experience. Excellent written and verbal communication skills. Possess in-depth knowledge of applying, selecting and testing the NIST 800-53 Rev 4 security controls. Possess in-depth knowledge of NIST 800-37 Risk Management Framework. Experience with a Governance, Risk and Compliance tool (e.g., Xacta, RSA Archer, CSAM or eMASS). Excellent attention to detail. Ability to handle and prioritize multiple tasks and deadlines. Possible travel to DC Client site/DSA office for badging/equipment. Desired Qualifications: Intermediate level cybersecurity certification (e.g., CompTIA Security+, ISC2 CGRC). In-depth knowledge of applying, selecting and testing the NIST 800-53 Rev 5 security controls. Public Trust #DSA209 #LI-CW1 Many of DSA's positions require the ability to obtain a security clearance. Security clearances may only be granted to U.S. citizens. In addition, applicants who accept a conditional offer of employment may be subject to government security investigation(s) and must meet eligibility requirements for access to classified information. DSA is proud to be an Equal Opportunity Employer. DSA is committed to treating all employees and applicants for employment with respect and dignity and maintaining a workplace that is free from unlawful discrimination. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status. DSA requires background checks , where permitted , by law. DSA is an E-Verify Employer.
Create a Job Alert Interested in building your career at Data Systems Analysts, Inc.? Get future opportunities sent straight to your email. Apply for this job
indicates a required field First Name * Last Name * Preferred First Name Email * Phone * Resume/CV * Enter manually Accepted file types: pdf, doc, docx, txt, rtf Street Address * City * State * Select... Clearance * Select... Have you ever been convicted of a crime or violation other than a minor traffic violation? (A conviction record will not necessarily be a bar to employment. Factors such as job relations, age and time of offense, seriousness and nature of the violation and rehabilitation will be taken into account.) If yes, please explain. * LinkedIn Profile Website Do you plan on working more than one full time position (over-employment) with another company if you are hired at DSA Inc.? If yes, please explain. * What are your salary requirements? Voluntary Self-Identification
For government reporting purposes, we ask candidates to respond to the below self-identification survey.Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiringprocess or thereafter. Any information that you do provide will be recorded and maintained in aconfidential file. As set forth in Data Systems Analysts, Inc.’s Equal Employment Opportunity policy,we do not discriminate on the basis of any protected group status under any applicable law. If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection.As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measurethe effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categoriesis as follows: A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability. A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service. An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense. An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985. Select... Voluntary Self-Identification of Disability
Form CC-305 Page 1 of 1 OMB Control Number 1250-0005 Expires 04/30/2026 Voluntary Self-Identification of Disability Form CC-305 Page 1 of 1 OMB Control Number 1250-0005 Expires 04/30/2026 Why are you being asked to complete this form?
We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years. Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp . How do you know if you have a disability?
A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability.
Disabilities include, but are not limited to: Alcohol or other substance use disorder (not currently using drugs illegally) Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS Blind or low vision Cancer (past or present) Cardiovascular or heart disease Celiac disease Cerebral palsy Deaf or serious difficulty hearing Diabetes Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders Epilepsy or other seizure disorder Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome Intellectual or developmental disability Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD Missing limbs or partially missing limbs Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS) Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities Partial or complete paralysis (any cause) Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema Short stature (dwarfism) Traumatic brain injury
Disability Status Select... PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.
#J-18808-Ljbffr