1-3 years of relevant professional experience in information security, cyber risk management, network defense, or internships/co-ops/hands-on cybersecurity training that demonstrate applied security principles
Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related technical field; or an Associate degree plus 2 years of hands-on experience as a substitute for a Bachelor's degree
CompTIA Security+ CE (or equivalent) required
Requirements:
Support the IRS information security program, assisting with cyber risk management and network defense activities
Assist in the development and maintenance of security controls, RMF/ISCM plans, and adherence to the IRS Enterprise Lifecycle and OneSDLC
Contribute to technology risk assessments across web services, network appliances, software, and cloud environments, including FedRAMP considerations
Leverage governance, risk, and security analytics tools (Qmulos Q-Compliance, SharePoint, ServiceNow GRC, SPLUNK) to track findings and support security engineering, analysis, and assessment
Job description
cFocus Software seeks a Jr. Information Security Analyst to join our program supporting the Internal Revenue Service (IRS). This position is remote. This position requires a Public Trust clearance.
Qualifications:
Active Public Trust clearance
1 to 3 years of relevant professional experience in information security, cyber risk management, network defense, or
Experience may include internships, co-op positions, or hands-on cybersecurity training programs that demonstrate applied understanding of security principles.
Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related technical field.
An Associate degree plus 2 additional years of hands-on experience may substitute for a Bachelor’s degree.
CompTIA Security+ CE (or equivalent) required.
Network+, CEH, or CAP certifications preferred.
Knowledge of FISMA, NIST Special Publications, OMB, Risk Management Framework (RMF), and ISCM Plan development.
IT security knowledge with desired Professional Certifications from the International Information System Security Certification Consortium (ISC)2, the International Society for Automation (ISA), the Project Management Institute (PMI), CompTIA, or the SANS Institute
Knowledge of the IRS infrastructure, technologies and general support systems is highly desirable
Knowledge and experience with technology risk assessments covering Webservices, network appliances and software
Knowledge and experience the IRS Enterprise Lifecycle and OneSDLC
Knowledge of System Interconnections to include virtual private network VPN) and other encryption technologies
Knowledge and experience with cloud systems, CSPs, and FedRAMP requirements
Knowledge of IRS Business Units and IT enterprise processes organizational processes within the
Knowledge/experience with Qmulos Q-Compliance, SharePoint, Scanning tools, ServiceNow GRC, SPLUNK
Knowledge and experience with technology security engineering, analysis, and assessment
Knowledge and experience with security architecture principles and system modeling
