Information Security Analyst - New Jersey Area

Description:SEMCON supports the Federal Aviation Administration (FAA)'s mission, vision, and goals; and provides highly qualified, professional, technical, and managerial resources to satisfy our customer requirements.




SEMCON is proud to offer a company culture that aligns enriching career experiences, growth opportunities, and collaborative engagement for all of our SEMCON employees which together, results in a rewarding environment and a company value which is greater than the sum of our parts.




We are in search of a Information Security Analyst who will have the opportunity to join our collaborative team at the William J. Hughes Technical Center to support the Voice Switching and Recording (VS&R) program.




Requirements:The Information Security Analyst should be proficient in Linux and will focus on Security Assessments and Security Implementation and experience should include all or a combination of the following :




Security Assessments

Plan, execute and track security risk assessment process adherence, interfacing with stakeholders from other functional areas (such as other security teams) and coordinating with vendor resources to assist with remediation
Experience building and adhering to schedules to meet security authorization milestones, reporting status on the milestones and providing solutions to schedule challenges to avoid impacts
Experience performing analysis of 3rd party system security design at the software, operating system and network level, and documenting system security design to address NIST controls
Thorough technical understanding of NIST SP 800-53 security controls, and participation in risk assessments of systems to NIST controls
Experience conducting vulnerability and compliance assessments of systems using industry standard benchmarks (e.g. CIS, STIGs) with tools such as Nessus and nmap
Investigate and respond to notices of potential vulnerabilities and other design/inventory questions
Review event logs from system components to assist in troubleshooting or security investigations
Review deployment schedules and equipment orders to identify devices that will utilize network communication.
Coordinate IP address/subnet requests and firewall rule requests using tables and spreadsheets.
Track locations, subnets, assets, and IP addresses using spreadsheets, sharing those data items with other teams as required.




Security implementation: hardening and ongoing maintenance

Deep knowledge of Linux/Unix operating structure and interfaces with experience in scripting (BASH)
Understand the use of operating system configuration, software configuration, and design choices to address security controls (such as NIST SP 800-53)
Experience configuring COTS and open-source software packages
Knowledge of CISCO IOS and configuration of security features
Thorough technical understanding of IP networks and the OSI model.
Experience hardening operating systems to industry standard benchmarks (e.g. CIS, STIGs)
Experience analyzing TCP/UDP port scanning results and identifying/analyzing associated vulnerabilities
Familiarity with languages such as C++, Python, and the differences between them
Experience applying updates/patches for operating systems, applications, and device firmware
Experience with the use of change control processes to manage system baselines

Familiarity with the following tools is desired:

Nessus
Nmap
Microsoft SQL Server Management Studio or other SQL database management
SSH client such as PuTTY
Web interfaces administration for device configuration
Windows Command Prompt, such as ipconfig, netstat, ping, etc.
Windows administration tools
ArcSight – Event searches from a web interface (Logger, Recon, ESM Command Center)

A Bachelor's Degree in Computer Science, Engineering, or related discipline and at least 6 years of experience is preferred.




SEMCON will offers a competitive salary and complete benefits package which includes health benefits (medical, dental, vision, and life), 401K with a generous employer match, paid time off, and paid holidays. Some hybrid/telework may be available for candidates with a long commuting distance from the facility in Egg Harbor Township, NJ, however a regular on-site presence is also required.




Applicants must be authorized to work for ANY employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time



PId2bd1c8b9b6c-25401-34375581