Product Security Analyst 2
Moseley Technical Services, Inc.

Check out this new opportunity!

Product Security Analyst

Oklahoma City, OK

Contract Position

$41.24-$52.38/Hour

For over 25 years we have partnered with the world's most renowned Aerospace company. We get to be a part of the design and creation of over 10,000 active commercial aircraft to keeping our nation safe at a mission critical level. Working with industry leaders provide you with state of the art facilities, and a map for career growth into the future.

Let us help you to elevate your career by joining our team!

Responsibilities:

• Support the research, collection, interpretation, test, and analysis of technical data for system-level product security concepts in the projected operational environments to optimize effectiveness over the program lifecycle.
• Support product security risk/attack surface/vulnerability analyses and security audits of applications and application stacks of various provenances.
• Support the analysis, triage, aggregation, escalation, and reporting of relevant product security and anti-tamper data and other information sources for attack indicators and potential security breaches.
• Assist in coordination during incidents.
• Support the correlation and performance of trend analysis.
• Analyze malware and attacker tactics to improve detection capabilities.
• Prepare and present basic technical reports and briefings.
• Research, collect, interpret, test, and analyze technical data for system-level product security concepts in the projected operational environments to optimize effectiveness over the program lifecycle.
  
• Perform product security risk/attack surface/vulnerability and static code analyses, dynamic code analysis, and security audits of applications and application stacks of various provenances.
  
• Analyze, triage, aggregate, escalate, and report relevant product security data and other information sources for attack indicators and potential security breaches.
  
• Correlate and perform trend analysis.
• Ensure, on behalf of the Facility Security Officer (FSO) and the Information System Security Manager (ISSM), that the requirements established in the company Security Manual (BSM), the System Security Plan (SSP), and Information System Profile are followed for systems approved for classified operations. Security responsibilities for LISSOs are defined the company Security Manual.
• Perform ISSO responsibilities for implementing and monitoring procedures applicable to classified operations on an authorized IS.
• Identify within this letter which is established by the ISSM.
• Obtain guidance from the ISSM in the development of an SSP.
• Ensure compliance with all pertinent procedures outlined in the BSM, CSSM, IPSM, and each SSP.
• Develop and submit SSP documentation to the ISSM for approval.
• Control access to the IS, this includes physical access, software access, and the validation of security clearances and NTK before allowing access to the system.
• Designate appropriately cleared personnel to act as escorts for visitors and maintenance personnel when they lack the appropriate clearance level, or NTK for the area being entered or visited, equipment being maintained, or information being processed.
• Review or designate a knowledgeable person (a qualified and knowledgeable system user) to review the audit trail logs and records in accordance with the approved SSP.
• Initiate a revision to the SSP
• Submit the revision to the Information Systems Security
• Ensure sufficient lead-time for the reauthorization process to be completed before the revision is implemented for classified operations.
• Ensure audit trail logs and records and review documentation are maintained and retained in accordance with the SSP
• Brief authorized IS users of their individual responsibilities for safeguarding classified information and the use and protection of the equipment authorized for classified operations.
• Each IS user and supported person must be briefed before being granted access to an accredited IS and at least annually thereafter.
• Protect information handled by the IS, including all input, storage, and output products.
• Report requirements and procedures in the event of a system malfunction or other security incident.
• Maintain an inventory of all approved hardware and software.
• Coordinate with the ISSM, through the assigned ISSO, to prepare and obtain approval for applicable SSPs before processing any classified information.
• Report any of the following, through the assigned ISSO, to the ISSM:
• Prevent sanitization of system memory or removal of classified information from an IS.
• Obtain approval from the ISSM before allowing any changes to the system configuration requiring a system SSP update.
• Obtain approval from the ISSM when there is a need to connect undocumented test equipment to approved systems while in a classified mode.
• Perform SCAP Scans, ACAS Scans, Nessus Scans
• STIG Checklist
• Research, analyze and compile technical data to support the integration of security and resiliency into products and services throughout the lifecycle of the product/service to meet all applicable certifications and customer requirements
• Coordinate during incidents
• Analyze malware and attacker tactics to improve detection capabilities.
• Prepare and present technical reports and briefings

Qualifications:

• Bachelor's Degree or higher.
• Secret Clearance
• Security+ (equivalent or higher) certification
• 3+ years' experience in the aerospace industry
• Preferred Qualifications (Desired Skills/Experience):
  • Experience performing SCAP scans, ACAS scans, Nessus Scans or similar scans
  • Experience working on DOD or other classified government systems

Your Recruiter

What to Expect

• Applicants selected for employment will be required to pass a pre-employment drug screening and background investigation which may include education, criminal and work history verifications.
• Accepted applicants will have the opportunity to be eligible for benefits, including medical and supplemental insurance and a 401K. Appreciation and gratitude for employees is a hallmark of organizations with low turnover.

Moseley Technical Services, Inc. is an AA/EEO/Veterans/Disabled Employer.

Resources

To apply, send resume to: resumes@moseleytechnical.com

For more active job openings: http://www.moseleytechnical.com

For more information about Moseley visit: http://www.moseleytechnical.com/about-us/

This job has expired.