Senior Technical Security Analyst - Sterling, VA - Georgia IT Inc.
Sterling, VA
About the Job
Job Title : Senior Technical Security Analyst
Location : Sterling, VA
Position Type : Full Time
Salary : DOE $105K/Year
Interview Process : Phone followed by Face to Face
Green Card, U.S Citizens
Job Description
Our mission is to deliver information security solutions and services that protect our information assets, computing infrastructure, applications and data. The Sr. Technical Security Analyst will support the Security risk management program within our organization. Primary responsibilities are to perform technical and non-technical risk assessments on our systems and calculate the level of existing and residual risk and communicate these to business areas.
Ideally, the candidate will be a self-starter and have an analytical mind that constantly looks for solutions to difficult problems. The candidate must be proficient in Risk Management Frameworks and experienced in conducting risk assessments in a complex environment. The candidate must have the ability to convey complicated technology and security concepts to management and non-technical business areas. The candidate should have technical knowledge and/or experience in security, networking, systems administration, database administration, architecture and/or other technical domains.
Responsibilities:
Location : Sterling, VA
Position Type : Full Time
Salary : DOE $105K/Year
Interview Process : Phone followed by Face to Face
Green Card, U.S Citizens
Job Description
Our mission is to deliver information security solutions and services that protect our information assets, computing infrastructure, applications and data. The Sr. Technical Security Analyst will support the Security risk management program within our organization. Primary responsibilities are to perform technical and non-technical risk assessments on our systems and calculate the level of existing and residual risk and communicate these to business areas.
Ideally, the candidate will be a self-starter and have an analytical mind that constantly looks for solutions to difficult problems. The candidate must be proficient in Risk Management Frameworks and experienced in conducting risk assessments in a complex environment. The candidate must have the ability to convey complicated technology and security concepts to management and non-technical business areas. The candidate should have technical knowledge and/or experience in security, networking, systems administration, database administration, architecture and/or other technical domains.
Responsibilities:
- Work with a Risk Management Framework and GRC tool to perform risk assessments of our systems to determine risk level and mitigation strategies
- Develop a technology risk matrix to highlight areas of high risk for our applications and systems
- Communicate potential control deficiencies and associated risks identified by the risk assessment process
- Develop action plans and/or recommend alternative solutions to resolve risks and exceptions to our Policies and Standards
- Provide oversight to ensure tracking of remediation plans for timely closure of risk issues
- Provide security consulting and advisory services to business units and project teams
- Research and maintain a knowledge base regarding information security risks, issues, solutions and potential implications.
- Provide Security requirements for development teams as needed prior to application deployment
- Review vendor contracts for compliance with our Security Policies and Standards
- 3 - 5 years of hands-on technology risk, security and/or governance experience
- Must have in-depth knowledge of common information security policies and standards
- Ability to effectively influence others to modify their opinions, plans, or behaviors
- Excellent verbal and written communication skills with the ability to understand business requirements
- Must be able to develop risk management strategies that align with business goals and objectives and protect the confidentiality, integrity and availability of information systems and data
- Project management experience on information security processes and within software development life cycles is desired
- Familiarity with measures and metrics used in risk assessment methods and/or vulnerability assessment processes.
Source : Georgia IT Inc.
