Job Information
St. George Tanaq Corporation Information Systems Security Analyst in Boston, Massachusetts
Information Systems Security Analyst
Fully Remote•GA
Job Type
Full-time
Description
Overview
Tanaq Support Services (TSS) delivers professional, scientific, and technical services and information technology (IT) solutions to federal agencies in health, agriculture, technology, and other government services. TSS is a subsidiary of the St. George Tanaq Corporation, an Alaskan Native Corporation (ANC) committed to serving Federal customers while also giving back to the Tanaq native community and shareholders.
About the Role
We are seeking an Information Systems Security Analyst to work collaboratively with the client to deliver security solutions to the government and their stakeholders. Candidate will collaborate with Federal Government customer technical and non-technical leadership to create security solutions that meet customer needs and adhere to their established performance and security standards. The Information Systems Security Analyst will provide IT Security support to the client's information systems and serve as an IT Security consultant and advisor to system stakeholders on matters related to regulatory compliance, security controls, threats, and vulnerabilities.
This is a fully remote position based in the U.S.
Responsibilities
Support and assist system security activities to ensure adherence to applicable, federal IT security policies and procedures
Provide a full range of support for Security Assessment and Authorization (SA&A) activities
Recommend creative technical solutions to security challenges that incorporate evolving security regulations, policies, and mandates into customer systems
Advise, consult, and assist IT security personnel with evaluating, testing, and implementing technologies to augment the security of IT components such as user authentication and validation, data encryption, secure key storage, PKI key management, Smart Card integration, and mitigating identified system security vulnerabilities as they arise
Work with senior-level system owners, mission leads, IT Governance, and the Information Systems Security Officer (ISSO) to ensure system compliance and protection activities of software development projects
Work with program and technical teams to perform security analysis on technical solutions and provide security compliance and guidance input as required
Assist system owners with identifying and utilizing relevant enterprise shared services and solutions to enable compliance and security activities
Become a trusted security subject matter expert supporting various mission leaders and activities
Facilitate table-top exercises
Manage the SAA process for assigned systems including development of NIST compliant System Security Plans, Rules of Behavior, Continuity of Operations and Disaster Recovery Plans, Risk Assessments, Interconnection Security Agreements, Incident Response Plans, Data Sharing and Use Agreements, PIA, BSI, etc.
Following formal approval, maintain system authorizations through proactive monitoring of system compliance, formal change management, corrective actions, and package updates
Develop and maintain system risk assessments and, as/if needed, remediation and mitigation plans
Perform technical IT system security/vulnerability assessments using provided tools – interpret results and manage remediation's as needed
Support various other security-related activities including facilitation of change control processes and data call responses; management of encrypted / secure data storage devices; and the evaluation, justification, and management of software and third-party website approvals
Develop and maintain a solid working knowledge of Federal Government customer and Federal security regulations, policies, laws, and requirements
Evaluate systems for compliance with Federal security requirements and develop reports of findings and corrective action plans
Conduct vulnerability scans and determine appropriate mitigations
Perform security reviews and document findings and recommendations
Requirements
Required Skills and Experience
Prior experience working as a contractor or employee at a public health Federal Government agency required
Minimum of 2 years of experience as Information Systems Security Analyst
Experience with industry standard security / vulnerability assessment tools
Information security and compliance knowledge
Strong understanding of Microsoft SharePoint architecture
Security policy development and process implementation experience in Federal agencies preferred
Desire and ability to quickly obtain industry certifications if needed
Demonstrated knowledge of computer operating systems and networks, component architectures, application development, and/or data management processes and technologies – the successful candidate must understand the fundamental technical components, processes, and interactions of enterprise-level information systems
Demonstrated knowledge of fundamental information security concepts and processes such as risk assessment and mitigation strategies, security control techniques and technologies, assessment and evaluation methods, and user access control methodologies
Excellent analytic skills – the successful candidate must be able to receive information, digest it, and apply standards and requirements to that information and to produce a clear and effective evaluation / assessment
FedRAMP experience highly desired
Demonstrated technical documentation capability
Excellent communication skills - both written and verbal
Demonstrated problem-solving capability
Ability to effectively manage time, and prioritize and execute tasks in a high-pressure environment
Must be able to work independently and within deadlines
Ability to pass required Federal background screening / security check including basic and expanded investigations
Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.
Education and Training
Bachelor’s degree in Computer Science, Information Systems Management, or a related field
One or more industry certifications including CISSP, SANS GIAC Certifications, IAT Level I-III, or NSA’s IAM/IEM
Physical Requirements
- Prolonged periods of sitting at a desk and working on a computer. May need to lift up to 25 pounds occasionally.
Who We Are
Tanaq Support Services strives to deeply understand and analyze our clients’ vision, needs, and requirements so we may provide alternative solutions, empowering them to choose the best resolution. We aim to achieve excellence by delivering on our commitments to our clients, employees, and partners.
TSS is an Equal Opportunity and Affirmative Action Employer and participates in E-Verify. All employment decisions are based on merit, qualifications, and abilities. We welcome and encourage diversity in our workforce. Our policies provide equal employment opportunity to all employees and qualified applicants without regard to race, color, religion, national origin, sex, age, disability, pregnancy, sexual orientation, gender identity, transgender status, genetic information, protected veteran status, or any other protected characteristic under federal, state, or local laws. For more information, visitKnow Your Rights (https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12ScreenRdr.pdf) andPay Transparency Statement (https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf) . TSS complies with the Drug-free Workplace Act of 1988.
If you are an individual with a disability and need assistance completing any part of the application process, please email accommodation@tanaq.com to request a reasonable accommodation. This email is for accommodation requests only and cannot be used to inquire about the status of applications.
St. George Tanaq Corporation
- St. George Tanaq Corporation Jobs