*Position is eligible for Remote/Work from Home Opportunity*
Department: Systems Security
Telecommuting: Yes
Paygrade: E13
Notice of Collection & Privacy Policy for Applicants Residing in California: California Applicant Privacy Policy | Noridian (noridiansolutions.com)
Job Title
Senior Security Configurations Analyst
Job Summary
The Security Configurations Analyst guides the implementation of systems security activities which include creating/submitting baselines, analyzing system settings, and making recommendations for system updates to ensure appropriate security regulations and standards. This position collaborates with other Subject Matter Experts (SMEs) to complete baseline and system setting improvements.
Essential Functions
Key Duties/Responsibilities/Accountabilities
- Completes CAPS and resolves audit findings and security issues ensuring problems are resolved in an effective and timely manner.
- Administers network and computing devices/systems that enforce security policies and audit controls.
- Provides direction and guidance to the team.
- Takes on new baseline applications by researching new baseline application and determining the best approach to review and gather proof documents.
- Conducts Security Impact Analysis of changes to the environment and provides risk analysis to management.
- Provides responses to government agencies and customers on Systems Security related inquiries.
- Reviews recommended security exceptions for impact to the organization and provides recommendations to management.
- Mentors other Analysts on specifics related to job duties.
- Analyzes information systems for security settings consistency and compliance.
- Develops scripts to be used by automated tools to scan remote endpoints for configuration settings and evidence gathering.
- Analyzes settings and makes recommendations to Systems Administrators to follow prescribed settings.
- Submits completed baselines and woks to perfect submissions.
- Teams with SMEs to remediate failed controls.
- Participates in internal and external IT audits.
- Supports processes for identification, collection, and review of relevant data.
- Makes determinations on appropriate course of correction for deviations and exceptions.
- Facilitates remediation of security vulnerabilities identified.
- Analyzesinformation systems security baseline settings documentation to check for errors and ensure content and logic are accounted for and accurate.
- Works with other Analysts within the department to address discrepancies in the baseline reports.
- Collects manual evidence for proofs showing settings on systems using administrative credentials.
- Assists with corrective action plans (CAPs), audit findings, and security issues.
- Reviews policy documents, guidelines, and procedural documents built around the Security Configuration process to ensure they are up-to-date.
- Analyzes vulnerability data and creates incidents to initiate the need for changes by IT to bring systems into compliance.
- Performs administration duties on symantic endpoint protection.
- Scans software new to the company for vulnerabilities for approval to use by everyone.
- Builds scripts to be used by automated tools to scan remote endpoints for configuration settings.
- Performs post-patching vulnerability scans on a task basis assigned through Service Now.
- Maintains and improves knowledge of information security technology and trends.
Non-Essential Duties and Functions
- Other duties/projects as assigned
- May assist with new responsibilities resulting from Information Technology (IT) and security business transformation.
Minimum Qualifications
- Bachelor’s degree in Information Technology, Computer Science, or related field OR equivalent work experience as determined by Human Resources
- 7years’ experience in security, IT or technology, data analytics, or software environment with familiarity with data system security
- Advanced analytical thinking, problem solving, and technical/analytical skills
- Possesses research, data analytic, prioritization, and organizational skills
Preferred Qualifications
- Bachelor’s degree in Information Security, Information Technology, or Computer Science
- 10years’ experience applicable experience
- Intermediate technical skills, analytical thinking, and problem-solving skills
- Basic IT skills
Environment and Cognitive/Physical Demands
- Office Environment
- Ability to read, hear, speak, keyboard, reason, communicate effectively and problem solve
- Requires prolonged sitting and telephone use
- Requires the use of office equipment such as computer terminals, telephones, copiers and printers
- Infrequent lifting to 15 pounds
- Infrequent stooping
- Overtime may be required
Segregation of Duties
Every employee is responsible to perform their duties and responsibilities in accordance with Noridian values, policies and procedures, including but not limited to: Segregation of Duties Principles, HIPAA, Security and Privacy, CMS requirements, the Noridian Compliance Program and any other applicable laws, rules and regulations.
Statement of Other Duties
This document describes the essential functions, requirements, and responsibilities of this job, and is not intended to be a complete list of all tasks and functions. Employees may be requested to perform job related tasks other than those specifically listed in this description and may be required to perform any task requested by the supervisor or management.
Total Rewards Package:
Health, Dental and Vision Insurance, Voluntary Insurance Plans, Health Savings and Flexible Spending Accounts, 401k and Company Match, Company-paid Life Insurance, Education Assistance Program, Paid Sick Leave, Paid Holidays, Increasing PTO Accrual Plan, Medical/Parental/Disability Leave, Workers Compensation, Retiree Benefits,Severance Package, Employee Assistance Program, Financial and Health Wellness Benefits, Casual Dress, Open Office Setting, and Online Learning System.
CMS Access Compliance and Regulation Contingency Statement
Some positions require compliance with (i) federal, and agency specific regulations and related clauses included in Noridian’s prime contracts with the Government, (ii) background checks, and (iii) eligibility for a government-issued identification card.
Equal Employment Opportunity
Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities as well as Sexual Orientation or Gender Identity.
Other Information
Below is the salary range for potential new hires:
Salary Range: $68,928.86 – $113,369.53
Other Compensation: Incentive Plan
This job will be closed 10/04/2023 at 8:00AM CST. No further applications will be considered.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)