Key Skills Required:
Security Risk Assessments:
- Experience conducting in-depth security risk reviews of enterprise-level applications and infrastructure using industry-standard tools and methodologies.
Information Security (InfoSec) Risk Management:
- Strong background in reviewing security postures, identifying vulnerabilities, and ensuring remediation plans are in place across 30+ applications.
AWS (Amazon Web Services):
- Proficiency in cloud security controls and best practices within AWS environments.
Zero Trust Architecture:
- Hands-on understanding of Zero Trust principles and ability to apply them to enterprise systems to enforce strong access controls and reduce attack surface.
Security Compliance & Frameworks:
- Familiarity with federal compliance standards, especially FISMA, and experience aligning systems to NIST, CIS Controls, or similar frameworks.
Xacta 360:
- Experience using Telos Xacta for continuous compliance assessments, security documentation, and automated control mapping.
Application Security & Compliance:
- Experience ensuring secure design and compliance of restricted or sensitive applications, including maintaining compliance artifacts and conducting reviews.
Collaboration & Communication:
- Ability to work cross-functionally with business, governance, and technical teams; strong communication and judgment skills are essential.