Security Analyst (Technical)

Description

RESULTS. INNOVATION. VALUES. ACCOUNTABILITY.

That’s RIVA.  Our employee-first approach has manifested a culture that attracts the best and brightest.  By investing in people firsts, and providing a flexible work environment, our employees have higher moral, higher productivity rates, and lower turnover. At RIVA, people are our #1 priority.

Project Description

The scope of this project is the management of IT projects for NIA; including development, Operation and Maintenance (O&M) support for state-of-the-art IT facilities and equipment; Network infrastructure and operation; internet and intranet services; the development and maintenance of Institute-wide or program-specific databases and information systems; and the design and implementation of continuing professional development programs of computer literacy and competency for Institute staff. As part of ITB’s mandate, it provides for a variety of IT support and services to all NIA staff. Assisting in the completion of required IT Assurance activities of NIA systems in accordance with Federal and NIH guidelines.

Position Description

RIVA Solutions, Inc. is looking for a Security Analyst to provide IT Services and Support to the NIA Information System Security Office (ISSO) team and NIA user community. The Security Analyst will provide Knowledge of federal information security standards, rules and regulations related to information security and data confidentiality and desktop, server, application, database, network security principles for risk identification and analysis. Experience should include security policy development, security education, network penetration testing, application vulnerability assessments, risk analysis and compliance testing. 5+ years of progressive experience in computing and information security, including experience with Internet technology and security issues. Security+ or CISSP certification required.

Responsibilities:

• Vulnerability Management:
  • Utilize Tenable Security Center to identify, assess, and remediate vulnerabilities within the organization’s infrastructure.
  • Ensure timely patch management and compliance with CIS benchmarks.
• Antivirus Management:
  • Oversee the antivirus systems and deploy updates and patches as necessary.
  •  Knowledge of antivirus thread analysis. CylancePROTECT is a plus, however other industry tool experience is acceptable.
• Firewall Experience:
  • Contribute to firewall configuration, monitoring, and threat detection.
  • Desired experience with Palo Alto Firewalls, however similar industry tool experience is acceptable.
• Security Risk Assessment:
  • Participate in security risk assessments for new and proposed software, hardware, and system assets.
  • Contribute to risk mitigation strategies and recommendations.
• Deployment of Security Products:
  • Assist in planning and deploying new security products into the enterprise environment.
  • Experience with planning and deploying industry security tools (BigFix and Tennable experience is a plus).
  • Collaborate with cross-functional teams to ensure a seamless integration.
• Scripting and Automation:
  • Use scripting languages such as PowerShell, bash, AppleScript, Python, or similar for automation of security tasks.
  • Create and maintain scripts to enhance security processes and response.

 Requirements

• The security analyst must have at least 5+ years of progressive experience in computing and information security, including experience with Internet technology and security issues, preferably within a SOC environment.
• Working knowledge and experience with vulnerability analysis.
• Understanding of security risk assessment methodologies and practices.
• Proven ability to plan and deploy security products as an enterprise environment.
• Working Knowledge and experience with the following security tools:
  • Tenable Security Center (formerly Tenable.sc).
  • BigFix
  • CylancePROTECT or competitor tool
  • Delinea Secret Server
  • Keeper Password Manager
  • Palo Alto Firewalls, and/or industry standard firewalls
• Proficiency in scripting and automation using PowerShell, bash, AppleScript, Python, or other similar languages.
• Strong analytical and problem-solving skills and excellent communication (oral, written, presentation), interpersonal and consultative skills.
•  Security+ or CISSP security certification.

RIVA Solutions is an Equal Opportunity/Affirmative Action employer.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identify, national origin, disability, veteran status, or any protect class.  If you need a reasonable accommodation to search for a job opening or to submit an online application, please email [email protected].  Only messages left for this purpose will be returned.