IT Security Analyst II

IT Security Analyst II

CNA, 3003 Washington Blvd, Arlington, Virginia, United States of America Req #696

Wednesday, October 2, 2024

PRIMARY PURPOSE

CNA is hiring for an IT Security Analyst II in our Chief Information Office (CIO). The CIO is responsible for supporting staff with all facets of CNA across a wide spectrum of information and technical activities.

This position serves as the Security Analyst for classified networks and systems at CNA headquarters. The position is responsible for assisting the Information System Security Officer (ISSO) and Information System Security Manager (ISSM) in maintaining risk management framework network systems across CNA.

The analyst will also maintain multi-user standalone systems and other local networks supporting two or more components of overall Information Technology systems.

CNA fosters an inclusive culture that values diverse backgrounds and perspectives. Our flexible and engaging work environment encourages iterative and creative collaboration at every stage of the problem-solving process.

Our employees are committed to helping clients develop effective solutions to better manage their programs through scientific, data-driven approaches.

We are looking for creative and innovative individuals to help carry out our mission.

JOB DESCRIPTION AND / OR DUTIES

IT Security Monitoring : Implements and optimizes security monitoring, event correlation, compliance and alerting solutions.

Performs regular audits of all networked and standalone devices (including desktop computers, laptops, servers, and / or handheld devices).

Scans for unauthorized networks (including wireless) and prevents systems from bridging networks.

IT Security Compliance : Performs and assists with certification and accreditation (C& A) and risk assessment activities.

Generates compliance reports and disseminates information to pertinent staff for remediation. Creates, maintains and monitors compliance of security policies, procedures, and manuals.

• IT Security Architecture : Responsible for maintaining and utilizing information security architecture. Research security threats and evaluates new security hardware and software by implementing mitigation procedures to reduce security risk to the network.
• Incident Response : Participates in Computer Security Incident Response Team activities. Respond to, analyze, and resolve IT Security incidents.

Assist the Information System Security Manager (ISSM) with disseminating incident reports. Assist in conducting internal investigations on matters concerning security violations, misconduct, and other charges.

Consult with and support the Compliance Committee on internal investigations, as required.

• IT Security Training : Assist the ISSO / ISSM with the development, implementation and administration of the CNA corporate wide security education and awareness programs focusing on IT Security training, to include phishing campaigns, and training for employees, consultants and / or subcontractors.
• Assist the ISSO / ISSM with management and execution of the information security program, physical security program in full accordance with NISPOM, DAAPM, NIST 800 series, and other DoD, Navy security regulations and publications.
• IT Security Support : Responds to IT Security service tickets, such as researching security relevant software request, performing virus remediation, and assist with basic troubleshooting surrounding SIPR Tokens and other login related issues.
• Assist the ISSM as needed on special projects and may lead special projects as assigned. Performs other duties as assigned.

JOB REQUIREMENTS

Education : Bachelor's degree in Computer Science, Management Information Systems, Computer Security, Information Assurance, or equivalent qualified security experience.

At least one of the following certifications in IT Security at the time of hire is required : CAP, GSLC, Security+, CISM, CASP CE, or CISSP.

• Experience : Minimum 5 years of progressive experience in IT security and related technologies. Experience of 3 years with classified computing is required.
• Skills : Must have proven customer service skills; ability to analyze vulnerability scans using Nessus, SecurityCenter, ACAS, Host Based Security System (HBSS), among others;
• computer literacy and proficiency; presentation skills; excellent oral and written communication skills; Familiarity with standards such as, NIST, DIACAP, FISMA, working knowledge of the NISPOM, JFAN, JPAS, ICDs and Navy Information, excellent interpersonal skills;

ability to manage small projects.

• Other : Ability to lift 30 lbs. (e.g. computer equipment), walk (to end user stations), and bend (to install and connect equipment).
• Clearance : After hire an active Secret clearance will be required, with the ability to obtain and retain a Top Secret security clearance.

Voluntary (But Desired) Document

Please include a personal statement as part of your application. A personal statement is a chance for us to get to know you.

The statement is your opportunity to share your goals, interests, influences and show us that you will be a valuable asset to our organization.

Please click here for personal statement guidelines - Click here. Personal statements will not be used as an elimination criteria for this position.

They will only be used to enhance a candidate's application.

CNA is committed to providing equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, religion, color, sex (including pregnancy, gender identity, and sexual orientation), parental status, national origin, age, disability, family medical history or genetic information, political affiliation, military service and protected veterans, or other non-merit-based factors.

In addition to federal legal requirements, CNA complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities.

These protections extend to all terms and conditions of employment, including recruiting and hiring practices, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training and career development programs.

For more information about EEO protections, please view the EEO is the law posters here : "EEO is the Law" Poster" , "EEO Poster Supplement" .

The pay transparency policy is available here : Pay Transparency Nondiscrimination Poster . To be considered for hire, all individuals applying for positions with CNA are subject to a background investigation.

For positions requiring access to classified information, U.S. citizenship is required. Individuals will also be subject to an additional government background investigation, and continued employment eligibility is contingent upon the ability to obtain and maintain an active security clearance.

Other details

• Job Family Information Technology
• Job Function Career Path III - Professional
• Pay Type Hourly
• Employment Indicator (none)

Apply Now

context" : "https : / / schema.org / ","@type" : "JobPosting","title" : "IT Security Analyst II","datePosted" : "2024-10-02T00 : 00 : 00","validThrough" : "2025-02-02T23 : 59 : 00","description" : "JOB DESCRIPTION AND / OR DUTIES n n nIT Security Monitoring : Implements and optimizes security monitoring, event correlation, compliance and alerting solutions.

Performs regular audits of all networked and standalone devices (including desktop computers, laptops, servers, and / or handheld devices).

Scans for unauthorized networks (including wireless) and prevents systems from bridging networks. nIT Security Compliance : Performs and assists with certification and accreditation (C& A) and risk assessment activities.

Generates compliance reports and disseminates information to pertinent staff for remediation. Creates, maintains and monitors compliance of security policies, procedures, and manuals.

nIT Security Architecture : Responsible for maintaining and utilizing information security architecture. Research security threats and evaluates new security hardware and software by implementing mitigation procedures to reduce security risk to the network.

nIncident Response : Participates in Computer Security Incident Response Team activities. Respond to, analyze, and resolve IT Security incidents.

Assist the Information System Security Manager (ISSM) with disseminating incident reports. Assist in conducting internal investigations on matters concerning security violations, misconduct, and other charges.

Consult with and support the Compliance Committee on internal investigations, as required. nIT Security Training : Assist the ISSO / ISSM with the development, implementation and administration of the CNA corporate wide security education and awareness programs focusing on IT Security training, to include phishing campaigns, and training for employees, consultants and / or subcontractors.

nAssist the ISSO / ISSM with management and execution of the information security program, physical security program in full accordance with NISPOM, DAAPM, NIST 800 series, and other DoD, Navy security regulations and publications.

nIT Security Support : Responds to IT Security service tickets, such as researching security relevant software request, performing virus remediation, and assist with basic troubleshooting surrounding SIPR Tokens and other login related issues.

nAssist the ISSM as needed on special projects and may lead special projects as assigned. Performs other duties as assigned.

n n nJOB REQUIREMENTS n n nEducation : Bachelor's degree in Computer Science, Management Information Systems, Computer Security, Information Assurance, or equivalent qualified security experience.

At least one of the following certifications in IT Security at the time of hire is required : CAP, GSLC, Security+, CISM, CASP CE, or CISSP.

nExperience : Minimum 5 years of progressive experience in IT security and related technologies. Experience of 3 years with classified computing is required.

• nSkills : Must have proven customer service skills; ability to analyze vulnerability scans using Nessus, SecurityCenter, ACAS, Host Based Security System (HBSS), among others;
• computer literacy and proficiency; presentation skills; excellent oral and written communication skills; Familiarity with standards such as, NIST, DIACAP, FISMA, working knowledge of the NISPOM, JFAN, JPAS, ICDs and Navy Information, excellent interpersonal skills;

ability to manage small projects. nOther : Ability to lift 30 lbs. (e.g. computer equipment), walk (to end user stations), and bend (to install and connect equipment).

nClearance : After hire an active Secret clearance will be required, with the ability to obtain and retain a Top Secret security clearance.

n n n","employmentType" : "FULL TIME","hiringOrganization" : "@type" : "Organization","name" : "CNA","logo" : "https : / / us242.

dayforcehcm.com / CandidatePortal / en-US / cna / Go?item e9219c28-70fd-46be-a07f-b70b2a1b4eee" ,"jobLocation" : "@type" : "Place","address" : "@type" : "PostalAddress","streetAddress" : "3003 Washington Blvd","addressLocality" : "Arlington","addressRegion" : "Virginia","postalCode" : "22201","addressCountry" : "USA" ,"jobLocationType" : null,"baseSalary" : "@type" : "MonetaryAmount","value" : "@type" : "QuantitativeValue","value" : null,"minValue" : null,"maxValue" : null,"unitText" : "HOUR"

CNA, 3003 Washington Blvd, Arlington, Virginia, United States of America