Information Security Analyst
Westat
Rockville, Maryland
information security
security
analyst
security
insurance
management
software
information security
data
assessment
risk management
compliance
health
Apply with Tarta Assistant 🤖
Unleash the power of automation for your job search (Paid option) Apply Manually(Free)
I have time, I'll manually find and apply for jobs
Unleash the power of automation for your job search (Paid option) Apply Manually(Free)
I have time, I'll manually find and apply for jobs
90% of users say Tarta.ai Assistant helps them save time applying for jobs.
Not a member? Click
here to subscribe.
January 12, 2023
Westat
Rockville, Maryland
Job Description
Westat is an employee-owned corporation providing research services to agencies of the U.S. Government, as well as businesses, foundations, and state and local governments. Westat's research, technical, and administrative staff of more than 2,000 is located at our headquarters in Rockville, Maryland, near Washington, DC.
Westat is committed to building a diverse workforce and a culture of inclusivity, belonging and equity for all. We believe that our greatest strength draws on the different backgrounds, cultures, perspectives and experiences of our employees.
Job Summary:
Westat is seeking an information security analyst who can assist in planning and implementing security measures to protect computer systems, networks and data. The individual in this position interacts closely with product vendors and service providers, personnel from various Westat IT departments including the application development, operations and network, and privacy teams and with business departments.
Job Responsibilities:
Plan and implement security measures to protect computer systems, networks and data.
Identifies opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk.
Draft FISMA security authorization document packages for project information systems.
Identifies and facilitates implementation of appropriate controls to effectively manage information risks as needed in standard platform configurations for on premises, AWS, and Azure systems.
Conduct forensic analysis and investigation of incidents and/or data issues.
Perform threat and vulnerability assessments, in some cases followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities.
Create, collect information, and maintain Westat security assessment Evidence Library.
Analyze and review program efforts relative to analysis and design, software quality assurance (QA), and security requirements management of client initiatives.
Provide security related technical support in assisting during the development of release/build scope plans, risk management, and schedules to maintain compliance with the client software development process.
Offer assistance during the development of user acceptance testing procedures to ensure security controls performed as intended in a production environment prior to deployment.
Provides consultative advice to personnel to enable them to suggest informed risk management decisions.
Deliver or facilitate training for secure software coding practices to software developers.
Maintain network security diagrams.
Participate in information security working groups.
Basic Qualifications:
A bachelor's degree, preferably in an IT related field is required.
At least 3 years of experience.
Preferred Qualifications:
Experience with Cyber Security Assessment and Management (CSAM).
Experience in implementing risk management program by utilizing CIS-Benchmarks, NIST, RMF, HIPPA, HITRUST, and FISMA compliance.
Experience testing system security controls and determining security compliance with requirements.
Familiarity with the software development lifecycle processes.
Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response and identity and access management.
Experience in developing, documenting and maintaining security procedures.
Minimum Qualifications:
Analytical, problem solving, detail oriented mindset.
Candidates must have excellent communication skills.
Westat offers a well-rounded and comprehensive benefits program focused on wellness and work/life balance. Eligible employees may participate in:
Protecting the health and safety of our employees and survey participants is a top priority for Westat. As a federal government contractor, Westat will require Westat staff, regardless of work location, to provide proof that they are fully vaccinated against COVID-19 upon hire and to follow all safety protocols, subject to approved accommodations under applicable law.
Westat is an Equal Opportunity Employer and does not discriminate on the basis of race, creed, color, religion, sex, national origin, age, veteran status, disability, marital status, sexual orientation, citizenship status, genetic information, gender identity or expression, or any other protected status under applicable law.
Westat is an employee-owned corporation providing research services to agencies of the U.S. Government, as well as businesses, foundations, and state and local governments. Westat's research, technical, and administrative staff of more than 2,000 is located at our headquarters in Rockville, Maryland, near Washington, DC.
Westat is committed to building a diverse workforce and a culture of inclusivity, belonging and equity for all. We believe that our greatest strength draws on the different backgrounds, cultures, perspectives and experiences of our employees.
Job Summary:
Westat is seeking an information security analyst who can assist in planning and implementing security measures to protect computer systems, networks and data. The individual in this position interacts closely with product vendors and service providers, personnel from various Westat IT departments including the application development, operations and network, and privacy teams and with business departments.
Job Responsibilities:
Plan and implement security measures to protect computer systems, networks and data.
Identifies opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk.
Draft FISMA security authorization document packages for project information systems.
Identifies and facilitates implementation of appropriate controls to effectively manage information risks as needed in standard platform configurations for on premises, AWS, and Azure systems.
Conduct forensic analysis and investigation of incidents and/or data issues.
Perform threat and vulnerability assessments, in some cases followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities.
Create, collect information, and maintain Westat security assessment Evidence Library.
Analyze and review program efforts relative to analysis and design, software quality assurance (QA), and security requirements management of client initiatives.
Provide security related technical support in assisting during the development of release/build scope plans, risk management, and schedules to maintain compliance with the client software development process.
Offer assistance during the development of user acceptance testing procedures to ensure security controls performed as intended in a production environment prior to deployment.
Provides consultative advice to personnel to enable them to suggest informed risk management decisions.
Deliver or facilitate training for secure software coding practices to software developers.
Maintain network security diagrams.
Participate in information security working groups.
Basic Qualifications:
A bachelor's degree, preferably in an IT related field is required.
At least 3 years of experience.
Preferred Qualifications:
Experience with Cyber Security Assessment and Management (CSAM).
Experience in implementing risk management program by utilizing CIS-Benchmarks, NIST, RMF, HIPPA, HITRUST, and FISMA compliance.
Experience testing system security controls and determining security compliance with requirements.
Familiarity with the software development lifecycle processes.
Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response and identity and access management.
Experience in developing, documenting and maintaining security procedures.
Minimum Qualifications:
Analytical, problem solving, detail oriented mindset.
Candidates must have excellent communication skills.
Westat offers a well-rounded and comprehensive benefits program focused on wellness and work/life balance. Eligible employees may participate in:
- Employee Stock Ownership Plan
- 401(k) Retirement Plan
- Paid Parental Leave
- Vacation Leave
- Sick Leave
- Holiday Leave
- Professional Development
- Health Advocate
- Employee Assistance Program
- Travel Accident Insurance
- Medical Insurance
- Dental Insurance
- Vision Insurance
- Short Term Disability Insurance
- Long Term Disability Insurance
- Life and AD&D Insurance
- Critical Illness Insurance
- Supplemental Life Insurance
- Flexible Spending Account
- Health Savings Account
Protecting the health and safety of our employees and survey participants is a top priority for Westat. As a federal government contractor, Westat will require Westat staff, regardless of work location, to provide proof that they are fully vaccinated against COVID-19 upon hire and to follow all safety protocols, subject to approved accommodations under applicable law.
Westat is an Equal Opportunity Employer and does not discriminate on the basis of race, creed, color, religion, sex, national origin, age, veteran status, disability, marital status, sexual orientation, citizenship status, genetic information, gender identity or expression, or any other protected status under applicable law.
Report this job