Computercraft is looking for a Security Analyst to support the National Institutes of Health (NIH) Business System. The successful candidate will join our team of cloud, security, and compliance experts. This role requires experience ensuring the security, confidentiality, integrity, and availability of a Federal financial system. Excellent problem-solving skills, self-motivation, and an eye for detail are essential for this role. In addition, the candidate must be comfortable in a fast-paced, collaborative, diverse, and professional environment. This is a full-time position local to the Washington, DC, area.
- Understand the security baselines of the environments assigned and perform work in compliance with the standards set forth by the security baselines.
- Support monitoring of system vulnerabilities in the NBS environment and desktop vulnerabilities assigned to NBS staff.
- Review security vulnerability and compliance scans on a daily, weekly, or monthly basis to monitor the assigned environments and assets to determine compliance with the required standards.
- Generate vulnerability data, analyze the data, and produce comprehensive weekly or biweekly status reports to show vulnerability remediation activities in the NBS environment and desktop assets.
- Support the Federal Information System Security team to update security policy and process documents. Identify gaps in business processes and policies and update the process and policy documents as required.
- Update required security documentation, including the following:
- System Security Plan (SSP)
- Incident Response Plan (IRP)
- Plan of Action and Milestones (POA&M)
- Configuration Management Plan (CMP)
- Develop and maintain POA&Ms and support remediation activities in coordination with the Federal Information System Security team.
- Maintain the inventory of assets in the NBS environment and desktops.
- Create and maintain a Microsoft Project Schedule to provide visibility to IT Security activities across the Core Services Division (e.g., vulnerability monitoring, activities vulnerability status reporting, POA&Ms, and updates to process and policy documents).
- Coordinate vulnerability remediation activities with Federal and contractor Information System Security team members.
- Minimum of 3 years of experience in IT System Security.
- Minimum of 3 years of experience applying project management skills for medium- to large-scale initiatives.
- Ability to actively and effectively communicate, interact, and solve critical customer problems.
- Ability to think and act strategically and proactively.
- Demonstrated hands-on experience using data and reports in one or more security vulnerability reporting tools.
- Ability to work independently with minimal direction or supervision.
- Strong working knowledge of Microsoft Excel, Word, PowerPoint, and Project.
Computercraft offers an excellent benefits package that includes health, dental, vision, and disability and life insurance; a 401(k) plan with matching; paid leave starting at 128 hours/year for the first 3 years of employment; and 11 paid holidays. We also offer the opportunity for a positive work–life balance with a standard 40-hour work week and the chance to work alongside a team of highly accomplished professionals.
To learn about other Computercraft job opportunities, please visit the Careers section of our website: https://www.computercraft-usa.com/.
EEO Employer—Disability/Veteran/Minority/Female/Sexual Orientation/Gender Identity