Job Description:
VA Position Title: Cybersecurity Analyst I
Location list: Ashburn, VA
Full Time Part Time: Full-Time
Req Number: NON-24-00013
About the Organization:
JSL delivers customer-centric IT solutions for Federal, State and local governments. We offer our customers three distinct advantages: expertise in our service offerings, leadership that drives innovation, and a culture focused on customer satisfaction. Our mission is to cultivate relationships, responsibility and results through people, purpose and process.
Description:
General Role Information:
The Cybersecurity Analyst role aligns with Systems Security Analyst (IO-WRL-006) Work Role in the Workforce Framework for Cybersecurity (NICE Framework) (NIST SP 800-181 Rev 1). The Cybersecurity Analyst is considered a 'cybersecurity generalist' in that the person in this role provides a variety of information security services and brings a variety of knowledge, skills, and abilities to bear in executing the security functions of a contract. The role is responsible for the analysis and development of the integration, testing, operations, and maintenance of systems security. While the Cybersecurity Analyst is not expected to know everything about security, he/she is expected to be able to generalize security concepts, reach out to others to collaborate and share/gain knowledge, and come up with solutions or recommendations for specific cybersecurity problems or issues.
Synonyms: Information Assurance Analyst, Information Security Analyst, Information System Security Analyst, Security Analyst
Department of Education (ED) Position Equivalent: Information Assurance/Security Specialist, Security Analyst
Specific Duties to Perform:
The Cybersecurity Analyst will directly support Federal Student Aid (FSA) contracts in achieving and maintaining their information security goals in accordance with Department of Education (ED) and FSA security requirements. The employee will on a day-to-day basis conducts the following tasks:
Analyze vulnerability and compliance scan reports on a weekly basis, prioritize findings, and coordinate remediation efforts;
Create, gather, and track the collection of evidence in response to evidence request lists that support security assessments required by FSA and other oversight organizations;
Coordinate and participate in security control assessment interviews;
Analyze and prioritize assessment findings to drive remediation and minimize negative impact to the system's cybersecurity framework scorecard;
Proactively assess risk for the supported information system(s) and work with stakeholders to determine priority and remediation path;
Document and track findings and evidence provided for historical reference across contract programs;
Create, maintain, and update supported information systems' security related documentation including but not limited to the System Security Plan (SSP), Information Technology Contingency Plan (ITCP), Incident Response Plan (IRP), Business Impact Analysis (BIA), Rules of Behavior, System Trust Matrix, etc.;
Create, update, and drive to closure all open Plans of Action and Milestones (POA&Ms) leveraged against supported information system(s), which includes creating/gathering evidence, uploading evidence, and notifying FSA personnel;
Review proposed/planned changes to the information system and provide feedback as requested;
Provide input to Security Impact Analysis (SIA) documents as required on behalf of the FSA ISSO;
Monitor and provide input to security alerts, advisories, and directives in support of the ISSO;
Provide periodic status updates to JSL and FSA stakeholders regarding the current status of security-related activities as they pertain to the supported information system(s);
Participate in incident response activities for the supported system(s)
Position Qualifications/Experience:
0-3 years of experience in cybersecurity/information security
Experience with implementing security framework(s) and associated security controls
Experience working with customers and information systems
Experience in understanding and applying security requirements at all levels
Experience analyzing data and creating summaries and reports based on the data
Experience working with audit/assessment personnel/organizations
Education/Certifications
Bachelor's Degree or higher in computer science, information systems, information security/cybersecurity, or related area, or a suitable combination of work experience and education
Desired Skillset (Abilities/Competencies)
The ideal candidate must:
Be highly organized
Be open to learn new things quickly
Have excellent verbal and written communication skills
Have a demonstrated ability to present and communicate cybersecurity concepts to stakeholders
Have strong technical and critical thinking/analytical skills
Be comfortable with producing highly detailed and accurate work products
Be able to work independently and as part of a team
Be able to manage multiple tasks/projects concurrently
Additional Eligibility Requirements:
100% remote work option is available.
Must use multiple technologies including video/audio conferencing, instant messaging, email, and other options to communicate during business hours.
Occasional overtime may be required in the performance of duties.
Must be proficient with MS Office suite of tools with an excellence with Excel preferred.
Clearance Required:
To support Federal Student Aid, the candidate must pass an ED 6C background investigation.
EOE Statement:
In compliance with the Americans with Disabilities Act (ADA), if you have a disability and would like to request an accommodation in order to apply for a position with Jazz Solutions Inc., please call 410-905-5084 or e-mail careers@jazzsol.com.
Jazz Solutions Inc. is proud to be an Equal Opportunity Employer. We seek individuals from a broad variety of backgrounds with varying levels of experience who have a desire to do meaningful work. We recruit, employ, train, compensate, and promote regardless of race, color, gender, gender identity, religion, national origin, ancestry, disability, age, veteran status, sexual orientation, or any other characteristic protected by law.
