1+ months

Information System Security Analyst IASAEIII (Government)

Chantilly, VA 20151
Apply Now
Apply on the Company Site
AT&T Global Public Sector is a trusted provider of secure, IP enabled, cloud-based, network solutions and professional services to the Federal Government. We are dedicated to recruiting, developing and empowering a diverse, high-performing workforce that is passionate about what they do, committed to our shared values and dedicated to our customers mission.

Our National Security Team supports the intelligence community by providing, operating and assuring critical voice, video and collaboration services for the full spectrum of operations.

AT&T has an opening for Information System Security Analyst (ISSA) to support the National Security Sector. The ISSA is responsible for all RMF deliverables and overall Assessment and Authorization tasks required to maintain Authority to Operate (ATO) for high visibility customer assets. The ISSA will ensure that all programs have hardened information systems to the most secure state possible. This includes analyzing the Nessus compliance and vulnerability scan reports in order to help customers understand information security needs, writing System Security Plans, and ensuring that programs have hardened their systems to the DISA STIG requirements.

Description of Job Duties/Responsibilities:

+ Responsible for All Risk Management Framework (RMF) deliverables and overall Assessment and Authorization (A&A) tasks for high visibility assets.

+ The ISSA is in charge of the process that maintains Authority To Operate (ATO) on behalf of the customer Information System Owner (ISO).

+ The ISSA coordinates with all Information Assurance (IA) stakeholders on Assessment and Authorization (A&A) and RMF tasks.

+ Ensures that all newly installed hardware is on-boarded with Enterprise Security Services (ESS).

+ Maintains asset inventories in the IA tool of record and ensures that Continuous Monitoring (CONMON) is performed after ATO is received.

+ Will work with program engineers to develop all IA and RMF deliverables (SSP, ISCP, Ports and Protocols list, hardware inventory, OS inventory, software inventory, etc).

+ Will support program reviews of NESSUS vulnerability and compliance scan reports.

+ Will maintain assets Authority to Operate (ATO).

+ Reviews vulnerability scan reports with system administrators to Ensure assets are patched and updated regularly to mitigate risk via Information Assurance Vulnerability Alerts (IAVAs)/Intelligence Community Vulnerability Alerts (ICVAs).

Required Clearance: TS/SCI with the ability to obtain/maintain a polygraph. (#ts/sci)

Required Qualifications: Candidate must have 16 years of experience that can be a combination of work history and education. This equates to a Doctorate and 8 years of experience OR Masters and 10 years, Bachelors and 12 years, Associates and 14 years or HS and 16 years. Must have one of the following certifications or able to obtain within six (6) months, CCNA Security, CySA**, GICSP, GSEC, Security+ CE, CND OR SSCP Certifications to meet minimum requirements for DoD 8570 IAM Level 3 certification requirements.

Desired Qualifications:

+ Strong communication skills.

+ Previous experience as ISSO or ISSE.

+ Strong understanding of the Risk Management Framework.

+ Strong familiarity with NIST 800-53 security controls and how to write security control implementations.

+ Familiarity with Service Now (SNOW).

+ Familiarity with Help Now.

+ Familiarity with XACTA.

+ Familiarity with NESSUS Security Center.

+ Familiarity with SPLUNK.

+ Develops and implements security designs for new or existing network system(s); ensures that the design of hardware, operating systems, and software applications adequately address IA security requirements and DISA Security Technical Implementation Guidelines (STIG).

+ Experienced with writing security status reports and briefing government customer.

+ Experience with negotiating POA&M liens and working with program engineers to ensure liens are resolved and closed before the Estimated Completion Date (ECD).

Ready to join our team? Apply today!
We expect employees to be honest, trustworthy, and operate with integrity. Discrimination and all unlawful harassment (including sexual harassment) in employment is not tolerated. We encourage success based on our individual merits and abilities without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, disability, marital status, citizenship status, military status, protected veteran status or employment status.
Posted: 2021-09-20 Expires: 2021-12-19
Sponsored by:
ADP Logo

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Information System Security Analyst IASAEIII (Government)

Chantilly, VA 20151

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast