ARDX is seeking highly motivated, flexible, organized, and detail-oriented Jr. Systems Security Analysts. You will perform plan, schedule, execute and report on controls assessments in a highly diverse IT environment including mainframes, data centers, Cloud Service Providers, and a wide variety of Major Applications and databases.

Duties

• Manage a program assessment from initial planning, scheduling, communications with systems owners and related stakeholders through to final reporting
• Prepare required assessment documentation
• Assist in process improvement and automation for the assessment methodology
• Conduct technical evaluation of information system design, focusing on information security aspects and accreditation according to the NIST Risk Management Framework
• Utilize various information system documentation, inspection tools to audit systems, analyze potential vulnerabilities and identify mitigation approaches
• Acquire and review program documentation such as Risk Assessments, Security Plans, and Contingency Plans
• Conduct assessments of client and contractor facilities, as needed, to ensure compliance with security requirements tailoring requirements, as needed
• Analyze and determine compliance with applicable federal and legislative regulations
• Utilize National Institute of Standards and Technology (NIST) Cybersecurity Framework, Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs), Center for Internet Security (CIS) benchmarks and other Federal information security benchmarks and best practices
• Conducting technical, management, operational and privacy reviews
• Application penetration testing
• Ensure timeliness and quality of deliverables

Qualifications

• Bachelor's degree from an accredited college or university is required.
• Requires 1-2 years’ experience with 800-53 security controls review.
• One or more of the following certifications: CAP, CISSP and/or Security+ CE.
• Strong communication skills both oral and written.
• This position is onsite at NIH once reopened. Per government regulations, proof of full vaccination or negative COVID test results may be required for entry to the work site.