• Security Analyst

    Job Location US-Washington DC
    Posted Date 3 months ago(3 months ago)
  • Overview

    eMentum is seeking a motivated Security Analyst join our team in Rockville, MD.


    The successful candidate must be a U.S. Citizen


    The successful candidate must have at least a Public Trust Security Clearance



    Relocation reimbursement is not available for this position.




    eMentum values Diversity and is an Equal Opportunity Employer (M/F/V/D)


    • Will be involved in developing an ATO package for Appian and Salesforce Hybrid applications in a Federal Agency environment.
    • The candidate will respond to assessment and accreditation tasks, audit tasks and other system security tasks.
    • The candidate may act as the interface between auditors and system subject matter experts. This will require the candidate to understand the target systems to appropriately decompose inquiries to actionable items for SMEs, and then validate the SME responses.
    • The candidate will be involved in assessment of IT systems and components with enterprise class security standards and practices and identifying appropriate design and mitigation actions. This may involve using enterprise security tools (e.g. WebInspect, Fortify, Nessus) or responding to reports from those tools.
    • Activities may involve responding to real time production system issues/events or analysis of new or enhancement capabilities. This will require applying a broad system security engineering view to evaluate security controls documented in the System Security Plan (SSP).
    • The Candidate will be involved in all phases of the NIST 800 series documentation and Accreditation and Authorization process.


    Required Skills:

    • Experience with supporting assessment of IT systems compliance with Federal IT Security standards. (NIST 800-53, FISMA, others)
    • Experience responding to security audits and compliance assessments including decomposing auditor requests to actionable items, compiling and presenting security audit artifacts.
    • Experience evaluating IT system compliance with government and commercial security practices • Working knowledge of Assessment and Accreditation practices.
    • Familiarity with security test tools and responding to security findings.
    • General knowledge of enterprise scale IT systems, architectures and components (networking, security appliances, servers, and virtualization) particularly the system integration challenges balancing secure operations with operational need.
    • Experience supporting multi-vendor technology solutions.
    • Excellent communication skills, both written and verbal.
    • Solid documentation skills.
    • 3+ years of experience with Appian, Salesforce, AWS cloud
    • 3+ years of experience with Ethernet and IP networking knowledge and extensive experience in the application of IP protocols.
    • 3+ years of experience in large scale network design and implementations.
    • CISSP

    Desired Skills and Qualifications:

    • Experience with security test tools (e.g. Nessus, Web Inspect).
    • Experience with enterprise configuration management tools (e.g. SPLUNK, SVN, SBM, Jenkins).
    • Experience with enterprise security services (e.g. IDS, log aggregation, credential management, PKI). Experience with Windows administration including Active Directory.
    • Experience with Linux and/or Unix administration.
    • Experience with FDA Systems and Security Protocols.
    • Ability to recognize security risks, document risk, and clearly communicate findings and recommendations.
    • Experience supporting Incident Response events.
    • Exposure to the federal risk management framework as outlined in NIST & Deploying solutions to meet compliance requirements arising from that framework.
    • Experience with FIPS determination.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed