Information Assurance Analyst

Booz Allen Hamilton Inc. Little Rock , AR 72215

Posted 2 months ago

Information Assurance Analyst

Key Role:

Execute the VA Enterprise Risk Analysis (ERA) process using a custom ERA tool to identify key cybersecurity risk factors in network-connected medical devices and Special Purpose Systems, including building automation systems, physical security systems, and operational technology. Summarize, evaluate and report risk factors using quantitative and qualitative scores to provide a VA authorizing official with awareness of the residual cyber risk prior to connecting these devices to the VA network. Acquire, review, and leverage system documentation and data gathered through questionnaires and interviews with customers in the field and vendors and manufacturer representatives to accurately document critical security posture elements in a common reporting format, including hardware and software inventory, communications profile, system interconnections, data types and stores, the presence or lack of security controls, and settings and mechanisms for a given device type. Work within the Specialized Device Security Division Risk Management team and collaborate with Federal and contractor teammates to achieve the best outcomes for the ERA process. This position is open to remote delivery anywhere within the U.S., to include the District of Columbia.

Basic Qualifications:

  • Experience with Cybersecurity, risk management, or risk assessment for complex systems

  • Experience with NIST SP 800-53 and NIST SP 800-30

  • Experience with documenting and depicting network topology and network protocols

  • Ability to engage directly with clients and third parties to facilitate enterprise risk analysis

  • Ability to obtain a security clearance

  • HS diploma or GED and 18+ years of experience with systems security engineering or BS degree in CS, IT, or Engineering and 10+ years of experience with systems security engineering

Additional Qualifications:

  • Experience with cybersecurity analysis of medical technology or Internet of Things (IoT)

  • Experience with Governance, Risk, and Compliance (GRC)

  • Experience with Assessment and Authorization (A&A) and eMASS

  • Experience with Excel and Visio

  • Public Trust clearance

  • CompTIA Security+, Certified Risk Management Professional (CRISC), or Certified in Risk and Information Systems Control (CRISC)


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

We're an EOE that empowers our people-no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic-to fearlessly drive change.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Information Security Analyst

Massmutual Financial Group

Posted 1 week ago

VIEW JOBS 9/16/2021 12:00:00 AM 2021-12-15T00:00 Do you want to be part of a team that encourages your growth, supports your ambitions and makes it a priority for you to reach your goals? Is helping people part of who you are? At MassMutual, we help millions of people find financial freedom, offer financial protection and plan for the future. We do this by building trust with our customers by being knowledgeable problem solvers and prioritize their needs above all else. We Live Mutual. Description We're growing and our clients deserve the best. As a Security Operations Center (SOC) analyst you'll have an opportunity to part of a growing team of Cybersecurity analysts who are passionate about protecting MassMutual's assets and customers by leveraging problem solving skills and innovative technology solutions. In this role, as well as all roles within MassMutual, you will demonstrate accountability, agility, a dedication to be inclusive, a strong business acumen, and will show courage, even in the most difficult situations. We also highly value strong communication skills, a passion for learning, leadership traits, resilience, and self-awareness. What success looks like. * Supporting MassMutual's Security Operations Center by leveraging industry leading security tools and your knowledge of Cybersecurity threats to prepare, identify, contain, eradicate, and recover from security incidents. * Cultivate and maintain relationships with internal and external teams to support the SOC's mission * Continuously identifying opportunities for further improvement (lessons learned) and automation What your days and weeks will include. * Perform monitoring for cybersecurity related technologies generating alerts for potential security events requiring investigation * Perform technical analysis for cybersecurity events requiring deeper investigation * Perform Malware analysis and extract Indicators of Compromise (IOCs) to feed our Threat Intelligence Platform * Learning about the MassMutual business and technology environment in order to detect anomalous behavior from standard expected activity * Identify, classify, and document adversary Tactics, Techniques and Procedures (TTPs) * Work collaboratively with our Security Intelligence team to enrich and enhance prevention, detection, and threat hunting capabilities * Partner with our Security Platforms team to develop playbooks required to successfully respond to specific threats * Optimize Alerting platforms through tuning of alerting logic The skills that make you a great fit. * High School Diploma * High level knowledge of Cybersecurity attack and defense techniques * Understanding of living off the land techniques used by adversaries, using tools such as PowerShell, WMIC, Task Scheduler, Windows Registry etc. * Interest in continuous learning and a passion for Cybersecurity * Ability to apply problem solving skills to support analysis and detection efforts * Strong written and verbal communication skills * Strong analytical and problem-solving skills * Experience and confidence with communicating with and presenting to senior leadership * Ability to work (4) 10 hour days 1 pm - 12 am Preferred Skills: * Bachelor's degree in a related field * Certifications: CISSP, CISM, CISA, GCIH, GIAC * Knowledge of and practical experience with the MITRE ATT&CK framework * Python, PowerShell or other scripting languages * Functional knowledge of how operating systems (Windows, Mac, Linux). * Experience working with a SIEM platform * Understanding of web application vulnerabilities including XSS, CSRF, SQL Injection, command injection and serialization attacks * Strong understand of web authentication flows such as SAML and OAUTH * Understanding of automated attacks such as credential stuffing and site scraping target job salary $64,700.00 - $113,200.00 #LI-BO1 #LI-Remote Why Join Us. We've been around since 1851. During our history, we've learned a few things about making sure our customers are our top priority. In order to meet and exceed their expectations, we must have the best people providing the best thinking, products and services. To accomplish this, we celebrate an inclusive, vibrant and diverse culture that encourages growth, openness and opportunities for everyone. A career with MassMutual means you will be part of a strong, stable and ethical business with industry leading pay and benefits. And your voice will always be heard. Recognized as a 2020 World's Most Ethical Company by Ethisphere, MassMutual is guided by a single purpose: We help people secure their future and protect the ones they love. As a company owned by our policyowners, we are defined by mutuality and our vision to put customers first. It's more than our company structure - it's our way of life. We are a company of people protecting people. Our company exists because people are willing to share risk and resources, and rely on each other when it counts. At MassMutual, we Live Mutual. MassMutual is an Equal Employment Opportunity employer Minority/Female/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply. Note: Veterans are welcome to apply, regardless of their discharge status. Massmutual Financial Group Little Rock AR

Information Assurance Analyst

Booz Allen Hamilton Inc.