ECS is seeking a Cyber Security Analyst to work in our Silver Spring, MD office.
* Responsible for a wide range of assignments and projects relative to information systems and security matters. The incumbent ensures the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures and tools.
* Oversee cyber security requirements for control and communication systems aboard NOAA's new Auxiliary General Oceanographic Research (AGOR) Variant (NAV) ship including 1) all equipment or interconnected system or subsystem of equipment that is used in the automatic acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information and 2) hardware and software included in machinery control systems, bridge systems, navigation systems, dynamic positioning systems, and exterior communication systems. Responsible for NAV cyber security documentation; removal of unnecessary services and programs; host intrusion detection system; intrusion protection system; system and information integrity; changes to file system and operating system permissions; hardware configuration; installation of operating systems, applications, and third-party software updates; firewalls; identification and authentication; systems and communications protection; configuration management; contingency planning; testing; and audit and accountability.
* Develops, implements, and evaluates security programs of organization, including the implementation of security programs designed to anticipate, assess, and minimize system vulnerabilities such as intrusion detection or access authentication programs. Coordinates implementation of security programs across platforms and establishes vulnerability reporting criteria; enforces proper back up procedures for all system and network information; enforces legal controls that provide protection from unauthorized access, alteration, loss, disclosure, and blocking of information.
* Implements higher-level security requirements; integrates security programs across disciplines; participates in assessment of new systems design methodologies to improve software quality; performs implementation activities; institutes measures to ensure awareness and compliance; identifies need for changes based on new security technologies or threats; reviews and evaluates security incident response policies, reviews proposed new systems, networks, and software design for potential security risks; and resolves integration issues related to implementation of new systems with existing infrastructure.
* Coordinates development of information security system and application policies, guidelines, standards, requirements, and procedures. Recommends ways to protect organization's information and information systems. Participates in web-based applications, network, and systems designs to ensure implementation of systems security policies, guidelines and procedures, including initial design; system life cycle change review; and configuration management.
* Participates in testing and implementation of new security technologies; tests and implements new policies; institutes measures to ensure awareness and compliance.
* Assists staff in carrying out security development, implementation, operations, and maintenance requirements when staff install or update software, networks, and applications.
* Participates in creating and maintaining system-security plans, contingency plans, risk assessments, and certification statements. Conducts periodic system security evaluations, audits and reviews
* Must have a Bachelors degree in science, engineering, or administration
* Technical knowledge of computer characteristics, office automation & telecommunication techniques, systems development, systems life-cycle management, & the laws and regulations governing the acquisition, management & use of information technology resources.
* Extensive experience and knowledge of IT principles, concepts, and methods (e.g., data storage, software applications, networking) with specific focus on the protection of IT systems.
* Experience with development, application, analysis, and testing of security methods and systems which prevent or limit the loss of IT resources due to unauthorized access, destruction, disclosure, tampering, or alteration.
* Experience identifying and evaluating IT system vulnerabilities and proposing solutions, developing security standards for both government and commercial use, instructing others on the proper application of IT security techniques.
* Cybersecurity experience with commercial or public ships or unmanned systems.
ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.
ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 2300+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.