Skip to Main Content

IT Security Analyst

Banner Quality Management Inc
Hampton, VA
  • Posted: over a month ago
  • Full-Time
  • Benefits: life insurance, medical, vision, 401k, dental,
Job Description

Banner Quality Management Inc. (BQMI) is a highly respected woman owned, 8(a) certified small business , which provides Information Technology (IT), safety, multimedia, training and project management services to the Federal government and other valued customers. Our continued growth offers many new opportunities for skilled and motivated contributors.

Our Professional Administrative Computational and Engineering V (PACE V) contract provides a wide range of IT services to NASA Glenn Research Center (GRC) and throughout the Agency.

This position will assist in the management of IT Security System Security Plans for NASA LaRC. The guidance for conducting the assessments/audits is provided by the Federal Information Security Act (FISMA) of 2002 and the National Institute of Standards (NIST). This position serves as the point of contact for system owners providing information technology security guidance protecting NASA data. Incumbents will perform other duties and assessments as required.

Essential Duties & Responsibilities:

  • This position will assist in the management of IT Security System Security Plans for NASA LaRC.

  • This position serves as the point of contact for system owners providing information technology security guidance protecting NASA data.

  • Perform NIST Risk Management Framework (RMF) lifecycle Assessment and Accreditation activities for all associated project System Security Plans.

  • Perform and review technical security assessments of computing environments to identify points of vulnerability, non-compliance with established standards and regulations, and recommend mitigation strategies.

  • Develop and maintain processes and procedures to identify, track and mitigate system vulnerabilities.

  • Provide regular reporting on patch management program and overall operational status of patch compliance.

  • Perform analysis, identify and implement protection solutions, and prepare and maintain security related documentation, processes, and procedures.

  • Provide leadership, guidance, and recommendations to peers for security control implementation and documentation.

  • Perform risk assessments, determine impact, and recommend/implement remediation solutions.

  • Perform security impact analyses for changes to the information system

  • Perform Ongoing Authorization and Continuous Monitoring activities.

  • Propose Plan of Actions and Milestones (POA&M) and Risk-Based Decisions (RBD).

  • Provide security assessment findings and recommendations to the Information System

    Owner (ISO)

  • Know and adhere to Company policies, procedures and work rules and demonstrate a strong work ethic

  • Maintain regular and acceptable attendance level as determined by the Company and your manager.

  • Responsible for completing all assigned training

  • Responsible for understanding and implementing the FISMA Act of 2002.

  • Responsible for performing IT Security assessments using the NIST guidance.

  • Responsible for providing weekly and monthly reporting metrics based upon the

    implemented project plan for conducting security assessments.

  • Responsible for providing NASA LaRC risk status and posture on an ongoing basis.

  • Responsible for reducing, mitigating and eliminating risk to the LaRC enterprise.

  • Responsible for using the LaRC software tools to manage the LaRC System Security

    Plans (SSP).

  • Provide consulting to LaRC managers, supervisors and LaRC workforce relating to

    security and privacy controls, NASA and LaRC security policies and procedures,

    processes and standards.

  • Provide consulting to LaRC managers, supervisors and LaRC workforce based on NIST

    guidance, policies and procedures.

  • Responsible for continuous improvement of the IT security metrics by identifying new

    metrics, methodologies and methods of reporting.

  • Provide security presentations periodically.

  • Develop, lead and conduct security workflow.

  • Responsible for leading reviews of security policies and standards.

  • Responsible for performing security assessments/audits and risk assessments on system

    managing NASA data.

  • Responsible for conducting Contingency Plan reviews and business impact assessments.

    Essential Skills:

  • Solid knowledge of Cybersecurity processes and best practices

  • Understanding of IT Security Plans and planning

  • Working knowledge of FISMA and NIST requirements and standards

Experience/Education:

  • Required:

    • This position prefers a Bachelor’s; degree preferably in computer science or a related field in IT security. The degree should be from an accredited college with a minimum of three (3) years of experience. Candidates with Bachelor’s degrees in other fields will be considered depending on relative work experience and years in the field.

    • Candidates must have experience in IT security assessments and audits of IT security controls.

  • Desired:

    • CISSP or GIAC and CAP certification preferred.

    • Experience with security audits/assessments

    • Demonstrate technology leadership

    • Word, Excel, PowerPoint, VISIO

    • Understanding of basic Project Management Methodology

Personality or self-management skills:

  • Proactivity, flexibility and solid verbal and written communication skills.

  • Ability to have an open mind and balance your confidence with the willingness to change

    when necessary.

  • Ability to compromise and take direction from others.

To apply please submit a current resume and cover letter to:

Banner Quality Management Inc. at: careers@bqmi.com

BQMI is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.

Due to contract requirements, U.S. citizenship is required to obtain access to government facilities and systems.

Company Description
BQMI is an employee oriented, stable and dynamic small business.

Banner Quality Management Inc

Why Work Here?
We are a small company that has a people first culture that emphasizes personal & professional growth. Competitive benefits & 401(k) match.

BQMI is an employee oriented, stable and dynamic small business.

Address

Hampton, VA
USA

Industry

Technology

View all jobs at Banner Quality Management Inc

What email should the hiring manager reach you at?

By clicking the button above, I agree to the ZipRecruiter Terms of Use and acknowledge I have read the Privacy Policy, and agree to receive email job alerts.