Job Details

Requisition Number 19-0108
Post Date 5/28/2019
Title Security Analyst - REMOTE Anywhere in US
City McLean
State VA
Description


Capgemini Government Solutions (CGGS) LLC is seeking highly motivated and experienced Security Analyst to join our team in the DC Metro Area to support our government clients. This is a remote role, the candidate can be located anywhere in the United States. The successful applicant needs to have experience in cyber security policies and threat mitigation. Must have knowledge and experience in cyber security tools, network topologies, intrusion detection, PKI, and secured networks. Must understand processes and activities associated with implementation and security levels and roles necessary for successful deployment. The candidate will be assigned to support of capability to provide operational input and support for the operations, maintenance, and refinement of environment, execution support for migrating new and legacy applications and services to cloud computing and continuous improvement of IT infrastructure.

 

The successful applicant will have the opportunity to apply and grow their skillset, work with a motivated and entrepreneurial team, engage with a wide range of stakeholders, and build CGGS’ capabilities to serve our clients.

 

Job Responsibilities

 

As a Security Analyst, you will:

 

  • Direct, ensure the effectiveness of, and/or oversee the work of teams of security analysts assigned to support each of the above disciplines.
  • Apply domain-specific security knowledge and subject matter expertise to ensure the successful execution of security management functions.
  • Analyze systems, data, and operating environments to determine appropriate safeguards and evaluate the effectiveness of implemented security controls.
  • Validate the configuration of servers, workstations, network devices, and other equipment against government or industry security standards.
  • Perform security testing on applications, networks, and operating environments, using automated and/or manual methods appropriate for the IT assets being tested.
  • Analyze the results of vulnerability scans, configuration checks, and security alerts to identify and understand weaknesses or deficiencies and determine remedial actions.
  • Create, update, and maintain technical and security documentation about systems, networks, and operating environments.
  • Possess ability to identify key concepts, factors and risks based on conversations and document these in clear and concise narrative or graphic reports.
  • Provide security expertise/perspective to support operational processes and procedures including configuration control, maintenance, continuity of operations, and incident response.
  • Security Access Management
  • Identity and access management, privileged identity management, and system access monitoring.
  • Mainframe security on IBM and Bull mainframe platforms and related systems.
  • End-user and privileged authentication and authorization.
  • Risk Management
  • Support for internal and external compliance audits and assessments.
  • Risk identification, assessment, response, tracking, and monitoring.
  • Monitoring and management of findings and corresponding corrective actions.
  • Development and reporting of security metrics.
  • Information Assurance
  • Support security assessment and authorization processes and activities, including developing or contributing to the development of security documentation and other artifacts.
  • Monitor changes to applications, networks, infrastructure, and operating environments.
  • Provide audit support for internal and external audits and reviews.
  • Technical Security
  • Operating, maintaining, and tuning security tools deployed in data centers housing mission critical data and systems.
  • Detect, respond to, and forward critical security alerts related to compliance policy violations, new or emerging threat sources and vulnerabilities, and Advanced Persistent Threats (APTs).
  • Implementing and executing incident response procedures.
  • Performing vulnerability and compliance scanning and assessments.
  • Collecting and aggregating log and security event information.
  • Maintaining web application protection and web application vulnerability monitoring, assessment, and reporting.
  • Reviewing and maintaining Standard Operating Procedures for intrusion detection and prevention, security information and event management, incident response, vulnerability assessment, and other applicable security activities and processes.
  • Application Administration
  • Patching, upgrading, and maintaining server operating system platforms.
  • Performing web development (including scripting and/or programming) for audit and risk management application.
  • Support application development activities for configuration and maintenance.
  • Develop and maintain complex and ad-hoc reports and dashboards for security and risk management information.
  • Providing customer support, including telephone, email, and message channels, for risk management application.
  • Developing and delivering technical documentation and user guides.

 

Basic Qualifications

  • U.S. Citizenship is required.
  • Eligible to obtain and maintain Government Security Clearance.
  • Bachelor’s degree in computer science, electronics engineering or other engineering or technical discipline is required. (8 years of additional relevant experience may be substituted for education).
  • A minimum of 5 years of relevant work experience.
  • Thorough knowledge to create plans to assure effective management, operations, and maintenance of systems and/or networks.
  • Manages teams of system admins and is able to prioritize work and identify high risk critical problems and dedicate appropriate resources.
  • Has extensive knowledge of a wide variety of systems and networks to include high volume/high availability systems.

 

Additional Qualifications

 

  • One or more advanced security certifications (e.g., CISSP, CISM, GCPM, CSLC, etc.)
  • Advanced or specialized security certification in disciplines such as penetration testing, incident handling, intrusion analysis, or computer forensic investigation.
  • ITIL certification.
  • Experience with configuration of IBM Rational Toolset for management, configuration and reporting of work products.
  • Familiarity with the Handbook 6500 and subordinate publications.
  • Experience working in a ITIL, ISO 20000, or ISO 27000 environment.
  • Active clearance for Public Trust (High-Risk) Position.
  • Expert-level knowledge of federal security laws, regulations, and standards, including but not limited to FISMA, HIPAA, NIST CyberSecurity Framework, FIPS Publications, and Special Publications.
  • Familiarity with all phases of the NIST Risk Management Framework and the achievement and maintenance of authorization to operate (ATO) for federal information systems.
  • Prior experience performing or overseeing continuous monitoring/continuous diagnostics and mitigation activities.
  • Ability to obtain Public Trust (High-Risk) Position security clearance.

 

 

Company Overview

 

A global leader in consulting, technology services and digital transformation, Capgemini is at the forefront of innovation to address the entire breadth of client’s opportunities in the evolving world of cloud and digital platforms. Building on its strong 50-year heritage and deep industry-specific expertise, Capgemini enables organizations to realize their business ambitions through an array of services from strategy to operations. Capgemini is driven by the conviction that the business value of technology comes from and through people. It is a multicultural company of 200,000 team members in over 40 countries. The Group reported 2017 global revenues of EUR 12.8 billion. Capgemini Government Solutions, LLC (Capgemini GS) is a subsidiary of Capgemini focused on providing high quality services to the U.S. Federal Government. Learn more about us at www.capgemini-gs.com.


Capgemini has an entrepreneurial environment that embodies the following values: Honesty, Boldness, Trust, Freedom, Team Spirit, Modesty, and Fun. We offer a competitive benefits package to our employees.

 

Capgemini is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law.

#cggsjobs #ondice #CB

 

Apply On-line
Send This Job to a Friend