Skip to main content

This job has expired

You will need to login before you can apply for a job.

Information Security Analyst III

Employer
Frederick National Laboratory for Cancer Research
Location
Frederick, MD, USA
Start date
Sep 17, 2020

View more

Discipline
Information Technology, Information/Data Security
Required Education
Bachelors Degree
Position Type
Full time
Hotbed
BioCapital

Job Details

The Information Security and Compliance Office (ISCO) is a part of the Enterprise Information Technology (EIT) Directorate within Leidos Biomed. The ISCO provides IT security auditing, engineering, and incident response support for the Frederick National Laboratory for Cancer Research (FNLCR) and the National Cancer Institute - Frederick. The mission of the Information Systems Program is to develop an enterprise-level, consolidated information technology infrastructure that provides exceptional IT capabilities to the Frederick National Labs for Cancer Research (NCI-Frederick/FNLCR) in support of basic, translational, and clinical cancer and AIDS research. ISCO supports the life cycle of information security for the scientific mission and administrative functions of the NCI-Frederick/FNLCR, to ensure the availability of information systems, protect the integrity of information, and protect the confidentiality of intellectual property and patient data.

KEY ROLES/RESPONSIBILITIES

The information security controls assessor will be responsible for assessing the security controls on National Cancer Institute at Frederick information systems for compliance with HHS/NIH policy and NIST and OMB guidance; and making recommendations on how to address identified weaknesses. This includes reviewing documentation, interviewing system administrators and examining system configurations to ensure controls are in place, configured properly, and functioning effectively; and producing test reports and briefing system owners, managers and authorizing officials on assessment results. The assessor will also assist in closing plans of actions and milestones closure by reviewing artifacts or re-testing controls for compliance, as necessary. The assessor will also assist in performing periodic tests of network security to ensure systems' security controls are functioning effectively in-between scheduled audits. The assessor will also provide guidance to system owners, administrators and developers on NIH security requirements and current leading practice for system security.

BASIC QUALIFICATIONS
  • Possession of a bachelor's degree from an accredited college or university according to the Council for Higher Education Accreditation. (Additional qualifying experience may be substituted for the required education). Foreign degrees must be evaluated for U.S. equivalency
  • A minimum of six (6) years progressively responsible job related experience. Experience must include functioning as an analyst or equivalent for compliance auditing, information security, information systems, or related
  • Work independently and make decisions regarding complex issues with appropriate consultation of peers, cross-functional teams, and supervisors
  • Must be able to analyze complex information, synthesize disparate data sources, and communicate effectively
  • Must be able to develop technical reports and non-technical summaries and; express information in a clear, concise, and organized manner, both verbally and in writing
  • Must be detail-oriented with the ability to prioritize multiple tasks/projects
  • Familiarity with NIST guidance, including SP 800-53 Rev. 4, the Risk Management Framework (SP 800-37 and SP 800-39)
  • Experience in assessing information systems for compliance with security control requirements (e.g., NIST SP 800-53)
  • Familiarity with Linux and Windows operating systems
  • Familiarity with basic networking concepts and protocols
  • Familiarity with performing network scans and testing for vulnerabilities
  • Must be able to obtain and maintain a clearance

PREFFERED QUALIFICATIONS
  • Windows or Linux system administration experience
  • Experience with nmap, scripting (Python, Bash, PowerShell, etc.), Burp Suite
  • Familiarity with penetration testing methodologies
  • Experience performing network or web application penetration tests

EXPECTED COMPETENCIES
  • Demonstrate working knowledge of networking, storage and virtualization technologies
  • Demonstrate working knowledge of standards and guidelines for Information Security published by the National Institute of Standards and Technology (NIST)
  • Working knowledge and expertise required for assessing the information security aspects of information systems for compliance with regulations and directives of FISMA, and the Office of Management and Budget (OMB)
  • Experience working in a scientific and/or federal environment
  • Working knowledge of Windows and Linux systems
  • Possess ISC2 Certified Authorization Professional (CAP) or obtain within 6 months of hire

Equal Opportunity Employer (EOE) | Minority/Female/Disabled/Veteran (M/F/D/V) | Drug Free Workplace (DFW)

#readytowork

Company

A rewarding career with global impact

Whether you’re an expert in your field or just starting out, we have a career opportunity for you. We’re always looking for people to join us in fulfilling the mission of the Frederick National Laboratory: discovery, innovation, and success in the biomedical sciences.

Our team of 2,400+ scientists, technicians, administrators, and support staff work at the forefront of basic, translational, and preclinical science, with a focus on cancer, AIDS, and other infectious diseases.

We collaborate with colleagues across the National Cancer Institute, National Institutes of Allergy and Infectious Diseases, and others throughout the National Institutes of Health. We also engage with extramural investigators in academia, government and industry.

Your path to joining our team begins with the desire to work for the only national laboratory dedicated to biomedical research. Our employees share a common desire to help make a difference in cancer research and public health concerns. As you search for a career that fits your education, skills, and abilities, explore the core values that guide us and emphasize work-life balance.

Discover why joining the Frederick National Laboratory team could be the most important career step you take

 

 

Instagram   Facebook  Twitter

Company info
Website
Phone
301-846-1000
Location
8560 Progress Drive
Frederick
MD
21701
US

Get job alerts

Create a job alert and receive personalized job recommendations straight to your inbox.

Create alert