NewWave HQ

  • Information Security Analyst

    Job ID 2018-1145
  • Overview

    As a provider of massive data storage, access, and analytics solutions used by some of the world’s largest public and private healthcare organizations, NewWave understands the precious nature of the information we manage. There’s a reason our relationships with these important clients has grown continuously since our founding, and why we frequently out-compete some of the largest systems integrators in the nation. It’s because we always live up to our promise to employ the most rigorous engineering principles in building, integrating, and maintaining secure and cost-efficient solutions, vetting and deploying the most advanced technologies available as they emerge.


    NewWave develops and integrates new cutting-edge, cloud-based solutions using the most advanced technologies and current best practices. When it comes to modernizing legacy systems, we like to think of what we do as similar to swapping out the engines of an airliner in midflight — without the passengers ever noticing what happened. Landing clients safely for NewWave means delivering infrastructure and solutions that make data securely accessible to support better services, improve outcomes, and remove unnecessary pain from people’s lives.

     

    Responsibilities

    Performs duties and responsibilities commensurate with assigned functional area within a department(s) which may include, but are not limited to, any combination of the following tasks

     

    • Work with developers to refine security checkpoints in the SDLC and make sure information security risks are managed throughout all the phases of the SDLC
    • Use automated tools to perform source code security analyses to identify vulnerabilities and attack vectors in web applications
    • Provide FedRAMP requirements and guidance.
    • Provide Federal Information Security Management Act (FISMA) support and subject matter expertise.
    • Independently develop a variety of C&A deliverables including: System Security Plans, E-Authentication Risk Analysis, Privacy Impact Assessments, Annual Assessments, Contingency Plans, Incident Response Plans, and FIPS 199 Security Categorizations, etc.
    • Develop and maintain Plans of Action and Milestones corrective actions for audit findings.
    • Recommend system architecture solutions based on industry best practices and knowledge of Federal and organizational security guidelines.
    • Performs periodic internal audits, vulnerability assessments, and Web Application testing.
    • Maintains current knowledge of relevant technology as assigned.
    • Participates in special projects as required.

    Qualifications

    • 5+ years of related experience in Security Compliance.
    • Hands-on experience with NIST Standards and FedRAMP Regulations.
    • CAP or FITSP certification strongly desired
    • Bachelor’s Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience


    Preferred

    • Experience in managing IS Security, developing policies, procedures and guidelines in a complex environment
    • CIPP/G certification desired (but not required if the candidate has experience driving ATOs including the privacy controls specified in NIST SP 800-53 rev 4 Appendix J.
    • Experience in the development, implementation and operation of IT Security Strategy within a complex environment
    • Knowledge and experience with security best practices and relevant legislation
    • Experience with IT Security management, access policy and management, authentication and SSO, authorization, audit, secure communications and network protection, data protection and privacy, security administration, security information base
    • Understanding of security implications


    Technical Skills

    • Nessus
    • Burp Suite Professional
    • CSAM/CFACTS
    • Proficient in Microsoft Office (Word, Excel, PowerPoint, etc.)
    • Microsoft Project


    Interpersonal Skills

    • Excellent interpersonal, communication, and organizational skills.
    • Should be extremely facts and data oriented.
    • Should be deadline and closure oriented.
    • Strong persuasion, facilitation and influencing skills.
    • High Energy Levels. Should be self-driven.
    • Strong analytical, organizational and project management skills.
    • Demonstrated ability to lead and work with cross functional teams including senior level individuals.
    • Must be able to thrive in a fast-paced, rapidly evolving environment with varying priorities, based on a team building culture.


    NewWave is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. NewWave is a proud Veteran friendly employer.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed