Summary: The Information Security/Privacy Analyst III is responsible for conducting security assessments, managing risks, and ensuring compliance with organizational and regulatory standards. This role requires proficiency in implementing security controls and developing actionable security blueprints while collaborating with cross-functional teams. The analyst will also serve as a subject matter expert in the Assessment & Authorization process. A strong background in security architecture and risk management is essential for success in this position.
Key Responsibilities:
- Conduct assessments of threats and vulnerabilities and determine deviations from acceptable configurations or policies.
- Manage security assessments for various applications, including cloud computing.
- Implement security controls and conduct risk assessments based on NIST RMF and ISO standards.
- Evaluate and support documentation and accreditation processes for IT systems.
- Develop actionable security blueprints, principles, models, designs, standards, and guidelines.
- Utilize network and vulnerability scanning tools to assess system configurations.
- Ensure compliance with Governance, Risk, and Compliance (GRC) tools.
- Provide guidance as a subject matter expert for the A&A process.
- Communicate effectively with cross-functional teams and stakeholders.
Key Skills:
- 8 to 12 years of relevant experience in information security.
- Degree from an accredited College/University in a related field.
- Proficiency in implementing security controls and conducting risk assessments.
- Experience with network and vulnerability scanning tools.
- Strong organizational and communication skills.
- Ability to develop security blueprints and guidelines.
- Familiarity with NIST RMF and ISO standards.
- Experience with Governance, Risk, and Compliance (GRC) tools.
Salary (Rate): £60,000 yearly
City: undetermined
Country: undetermined
Working Arrangements: remote
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
Job Title: Information Security/Privacy Analyst III
Location: REMOTE
Job Description: Information System Security Officer
Conducts assessments of threats and vulnerabilities, determines deviations from acceptable configurations or enterprise or local policy, assesses the level of risk, and develops and/or recommends appropriate mitigation countermeasures in operational and non-operational situations.
Task description and/or any specific requirements:
Ability to manage responsibility for security assessments of a variety of applications or domains, to include cloud computing, and to manage several projects/initiatives of large size, complexity, and risk.
Demonstrated proficiency in implementing security controls, conducting risk assessments, and documenting compliance measures based on NIST RMF and ISO standards to meet organizational and regulatory requirements.
Demonstrated proficiency in successfully evaluating and supporting documentation, validation, and accreditation processes necessary to assure that new and existing information technology (IT) systems meet the organization's information assurance (IA) and security requirements.
Demonstrated proficiency in ensuring appropriate treatment of risk, compliance, and assurance from internal and external perspectives.
Demonstrated ability to support development of actionable security blueprints, principles, models, designs, standards, and guidelines to ensure enterprise IT architecture and support is consistent, usable, secure and adds value to the business.
Experience with network and vulnerability scanning tools and technologies to interrogate systems for configuration and status.
In-depth understanding of security architecture principles and best practices to design, implement, and maintain secure IT infrastructures in alignment with A&A policies.
Demonstrated proficiency in utilizing Governance, Risk, and Compliance (GRC) tools for managing Assessment & Authorization (A&A) processes.
Ability to serve as subject matter expert (SME) for the Client's A&A process, including providing guidance to stakeholders, business units, and new A&A resources as necessary.
Strong organizational skills and ability to build and maintain schedules and step-by-step action plans.
Effective communication and collaboration skills to work with cross-functional teams, business units, stakeholders, and IT professionals, and to brief executives.
Experience/Education:
A minimum of eight (8) to twelve (12) years relevant experience.
A degree from an accredited College/University in the applicable field of services is required. If the individual's degree is not in the applicable field, then four additional years of related experience are required.
Typically performs all functional duties independently.
Note: Special credentials (licenses and/or certifications) may be required at the Task Order level on a case-specific basis.
Additional Provisions:
Pass a client-mandated clearance process to include drug screening, criminal history check and credit check.
Once the candidate's resume is approved and the interview is passed, the agency is responsible for providing drug screening. Failure to submit the drug screening results will delay the security clearance process.
If a candidate is given an interim clearance, continuation of employment is then based on the candidate receiving a sensitive clearance.
Cannot have more than 6 months travel outside the United States within the last five years. Military Service excluded. (Exception does not include military family members.)
All overtime must be pre-approved in writing by the client manager or his/her designated representative.
Agency will not be reimbursed for overtime charges without previous written authorization. Authorized overtime will be reimbursed at straight time.