Job Description
JOB NUMBER: 1508 | LOCATION: Atlanta, GA CLEARANCE/ACCESS LEVEL: NACI
AMDEX.ai The Art of Data Science
We are a seasoned Full-spectrum data solutions firm. We deliver insights, strategies, data analytics, and technical expertise to accelerate data modernization. We specialize in data sciences and cloud solutions, application development and maintenance, program management, and health IT operations leveraging experience and trusted talent to solve the federal government’s most pressing business and technical challenges. Without you, it’s just data.
AMDEX Corporation is seeking an Information Security Analyst with Network and Cloud security expertise to join its team supporting our Federal government customer.
Position Overview: (Network/Cloud Security)
Serve as a Subject Matter Expert (SME) in Network/Cloud security as new and existing systems are developed or retooled and migrated to the cloud. Additionally, assess the potential risks and vulnerabilities within the organization’s computer systems and networks. Conduct risk assessments to identify weaknesses and develop strategies to mitigate and minimize security risks, including Plans of Action & Milestones (“POA&M”) where appropriate. Scan applications and server operating systems, providing recommendations to system/application stakeholders to respond/mitigate vulnerabilities.
Support as requested the ongoing facilitation, monitoring, and oversight of System Security Authorization processes, evaluating proscribed managerial, operational and technical safeguards protecting the confidentiality, integrity and availability of systems and the information in them.
Responsibilities include:
PRIMARY
- Serve as a Subject Matter Expert (SME) in Network/Cloud security
- Conducting vulnerability scans, recognizing vulnerabilities in information systems and networks and providing advice to remediate the vulnerabilities, using CDC supplied tools like Nessus Tenable and Fortify WebInspect.
- Analyze and track identified vulnerabilities, providing technical recommendations to system/application stakeholders to respond/mitigate vulnerabilities.
- Engage directly with IT system and application stakeholders/development teams to ensure security practices are embedded throughout the SDLC lifecycle.
- Serve as a subject matter expert on IT Security to system and application stakeholders and more junior IT Security Analysts.
- Skill in implementing secure development life cycles to integrate security and privacy considerations throughout all phases of the development process, helping developers build highly secure software, and address security compliance requirements.
- Conduct independent reviews of draft:
- System documentation, Risk assessment, mitigation and tracking documents, BCP procedures, testing and updates.
- Annual self-assessments and BCP updates
- Change requests, System retirement work packages, re-certification packages
OTHER RESPONSIBILITIES (as needed)
Assist owners with accurate and timely completion of Privacy Impact Assessments and Social Security Number Usage Exception requests.
- Support development, use and update of System of Records Notice for support programs and systems.
- Support request for non-standard software and open source/freeware by completing tests
- Scan incoming portable media for malicious software
- Respond to antivirus alerts, lost IT asset reports, patch management and other reports.
- Support issuance, proper use, tracking and reporting of CDC-authorized Universal Serial Bus media.
- Support completion and processing of level III software request.
Skills, Experience & Qualifications:
- 10+ years of experience in network/system/cloud administration and security
- Experience serving as a Subject Matter Expert (SME) in Network/Cloud security.
- Hands-on experience with configurations, concepts, design, support, etc.
- Strong technical skills, including the ability to understand business requirements and present appropriate solutions.
- Skill in conducting vulnerability scans recognizing vulnerabilities in information systems and networks and providing advice to remediate them.
- Skill in providing advice and guidance to remediate potential vulnerabilities.
- Skill in providing security architecture support.
- Experience with various cyber security tools, including Tenable, RedSeal, Splunk, Safe Console, etc.
- Knowledge of OMB, NIST, HHS, CDC policy and guidance
- Eligible for Government access Clearance.
- CISSP/CCSP certification
*Due to the nature of the contracts we support, only US citizens and permanent residents will be considered for this role.
AMDEX Corporation offers a competitive salary package and attractive benefits package.
- Medical | Dental | Vision (Base plan employee premiums 100% company paid)
- Employer Paid Life and Disability Insurance, STD and LTD
- Employee Assistance Plan and Employee Discounts
- 11 Federal Holidays | PTO accrual with carryover
- 401(k) Plan with company match | Flexible Spending Accounts: Medical, Dependent, Transit
- Tuition Reimbursement&Training Assistance
Visit our Careers website at www.amdexcorp.com/amdex-ai-jobs/ .
EOE M/F/D/V