What does a typical day look like for the Senior Principal Computer Systems Security Analyst?

  • Design and implement safety measures and controls. Monitor network activity to identify vulnerable points.
  • Address privacy breaches and malware threats.
  • Support the Assessment and Authorization (A&A) processes and Information Assurance documentation for multiple analytic and mission systems across all CLINs.
  • Generate and maintain the complete security Body of Evidence (BoE) while leading the A&A activities according to the Risk Management Framework (RMF) processes (ICD 503, CNSSI-1253, NIST 800-37, NIST 800-53, etc.) for multiple information systems.
  • Analyze existing security systems and make recommendations for changes or improvements.
  • Prepare reports and action plans in the event that a security breach does occur.
  • Monitor the network and provide early warning of abnormalities or problems.
  • Communicate the system status and keep users informed of downtime or changes to the system.
  • Provide system updates and write code fixes.
  • Experience working with software developers and architects to understand security requirements.
  • Experience guiding the application developers on security policy, identifying security requirements, and providing technical guidance for the satisfaction of requirements.
  • Experience creating and managing the plan of action and milestones (POA&Ms), and working with project managers and engineers to develop schedules and engineering actions that mitigate open findings.
  • Experience supporting the Continuous Monitoring of operational systems; experience monitoring and auditing operational systems for proper use.

What qualifications do you look for?

  • TS//SCI with CI Polygraph.
  • 9+ years supporting Assessment and Authorization (A&A) and information assurance processes and documentation using RMF; BS degree.
  • Knowledge of current security risks and protocols.
  • Willingness to work on-call in the event of a security breach or other emergency.
  • Good analytic and problem-solving skills.
  • DoD Approved 8570 Baseline Certifications (e.g., Security+); RMF and Xacta experience.

We’re extra impressed by:

  • Experience working with AWS/Google cloud-hosted information systems or applications.
  • Experience working with Red Hat or CentOS Linux operating systems.
  • Experience working in a DevSecOps environment and tool chain.