DynCorp International LLC. IT Security Analyst Senior in FORT WORTH, Texas
The Security Analyst Senior is responsible for supporting regulatory Cyber Security compliance activities related to SOX, DCAA, FAR/DFARS, FISMA, etc. The role will govern, monitor and manage corrective actions resulting from internal or external audits by partnering with internal Legal, Information Security and Compliance groups. Responsibilities include maintaining a compliance framework to ensure adherence to all regulatory requirements, contractual commitments, including new/upcoming regulations related to UCTI and CUI DFARS Cyber Security compliance. Takes technical and/or professional leadership role during engagements supporting operational and strategic efforts in Information Security and Information Technology organizations. Sustains and grows improvements in Cyber Security and compliance processes through analysis and reporting via status reports and escalation of events.
- Design Cyber Security and compliance solutions to address known gaps, generating basic required implementation work steps and executing/delegating execution to complete implementation.
- Manage Cyber Security and Compliance through identification of known problems, development and/or selection of optimal processes and tools for resolution, and execution with delegation.
- Provide management and oversight for all Cyber Security compliance activities related to SOX, DCAA, DFARS, ISO, and NIST.
- Support the Information Security governance strategy and framework implementation, execution, and monitoring.
- Perform Information Security self-assessments to validate the effectiveness of IT’s governance model and organizational processes
- Utilize existing information security and compliance tools and the supporting toolsets that enable Cyber Security and compliance.
- Identify and resolve gaps in capabilities by developing custom and/or automation tools to meet security/compliance needs.
- Utilize Risk as a means of defining and prioritizing problems for resolution, performing system and process risk assessments.
- Develop and implement controls in support of system security acceptance processes in support of government-defined security management programs.
- Maintain compliance with established security and compliance controls through execution, tracking, gap identification, and constant process improvement.
- Provide weekly status reports documenting workload with key metrics, and assigned tasks with status, working projects and initiatives with status and associated staff.
- Escalation of security or compliance problems on an as-needed, as required basis.
- Identify and track targets of opportunity for evaluation, review and/or improvement within Information Security, Compliance and Information Technology.
- Investigate and evaluate new technologies to address current and future Cyber Security and compliance needs; perform requirements capture; perform solution review and comparison
- Participate in and lead the design, planning, implementation and support of security services and systems
- Actively engage with Information Security staff and senior leadership as lead and lead support on strategic and implementation initiatives.
- Consult with management on security objectives, primary concerns and areas of specific action
Knowledge & Skills
- Full understanding as to the capabilities and requirements of core functional areas as they relate to Information Security and Compliance.
- Capable of delivering solution designs to meet specific security or compliance needs.
- Capable of adapting knowledge in specific functional areas to other areas for staff and process integration and support.
- Ability to optimize and execute task-based processes within a set of given functional areas.
- Ability to perform advanced work on supporting services and functions such as requirements planning, task planning, process optimization, process certification, automation.
- Understanding of Risk and the elements that define risk, ability to identify and assess risk elements for processes and services.
- Ability to utilize Risk as a means to set design and implementation requirements; and for security and compliance operational process and requirement execution.
- Understanding of functional areas enabling interpretation of solution requirements:
  - Infrastructure: Servers, Storage, Databases, Networks, Clients.
  - Systems and Services: Applications, Identity Access Management, Information Management, Risk Management, Vulnerability Management, Penetration Testing, Compliance Management.
Experience & Education
- High school degree or equivalent.
- Mid-level certifications from organizations such as CompTIA (Security+), Microsoft (MCTS), Cisco (Professional) or equivalent education or training required.
- Senior-level certifications from organizations such as ISC2 (CISSP), ISACA (CISA, CISM), GIAC, or equivalent education preferred.
- 6+ years of experience in Information Technology or Compliance and Audit; with at least 3 years of direct responsibilities for Information Security or Information Audit/Compliance.
Physical Requirements/Working Environment
- Works in normal office environment.
- Travel is required; typically less than 10%, typically to US-based locations.
Primary Location: UNITED STATES-TEXAS-FORT WORTH
Job Posting: Oct 11, 2016, 12:18:47 PM
Unposting Date: Ongoing
Req ID: 1603615