IT Security Analyst 4

Job Title: IT Security Analyst 4
Location: Richmond, VA (Hybrid- 3 Days onsite per week)
Duration: 6+ months (Possible Extension)
Interview Process: In-person Interview Only
Tax term: C2C or W2
Job Type: Contract
Client: Public Sector

Position Description:
Document and address organization's information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycle.

Responsibilities:

• Analyze the security impact of application, configuration, and infrastructure changes to ensure compliance with the security standard as part of the change management lifecycle.
• Assess the configurations of applications, servers, and network devices for compliance with the security standard.
• Analyze and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment.
• Assess and document the security impact and risks of newly discovered vulnerabilities in the environment.
• Coordinate resolution of application and infrastructure security vulnerabilities with System Owners, IT, and vendors. Track resolution of vulnerabilities and provide regular updates to management.
• Coordinate resolution of endpoint security vulnerabilities with users and provide regular updates to management.
• Respond to, and investigate, security incidents and provide thorough post-event analyses.
• Perform internal application penetration testing, document findings, and recommend improvements to improve the organization s security posture.
• Complete annual password security audits and coordinate completion of agency wide user access audits in compliance with the security standard.
• Determine the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately.
• Create and maintain desk procedures and process documentation for all responsibilities.