Product Security Analyst - Secret Clearance
6811 Southeast 59th Street Oklahoma City, OK 73135 US
This position supports the integration of security and resiliency into products and services throughout the lifecycle of the product/service to meet all applicable certifications and customer requirements.
Position Responsibilities Include:
- Researches, collects, interprets, tests, and analyzes technical data for system-level product security concepts in the projected operational environments to optimize effectiveness over the program lifecycle.
- Performs product security risk/attack surface/vulnerability and static code analyses, dynamic code analysis, and security audits of applications and application stacks of various provenances.
- Analyzes, triages, aggregates, escalates, and reports relevant product security data and other information sources for attack indicators and potential security breaches.
- Assists in coordination during incidents.
- Correlates and performs trend analysis.
- Analyzes malware and attacker tactics to improve detection capabilities.
- Prepares and presents technical reports and briefings.
- Support various US, Foreign Military Sales and Direct Military Sales programs
- The Limited Information Systems Security Officer (LISSO) ensures, on behalf of the Facility Security Officer (FSO) and the Information System Security Manager (ISSM), that the requirements established in the Security Manual, the System Security Plan (SSP), and Information System Profile are followed for systems approved for classified operations.
- Security responsibilities for LISSOs are defined the Security Manual.
- The LISSO is delegated to perform ISSO responsibilities for implementing and monitoring procedures applicable to classified operations on an authorized IS.
- Responsibilities are limited to those identified within this letter which is established by the ISSM.
- Obtaining guidance from the ISSM in the development of an SSP.
- Ensuring compliance with all pertinent procedures outlined in the BSM, CSSM, IPSM, and each SSP.
- Developing and submitting SSP documentation to the ISSM for approval.
- Controlling access to the IS. This includes physical access, software access, and the validation of security clearances and NTK before allowing access to the system.
- Designating appropriately cleared personnel to act as escorts for visitors and maintenance personnel when they lack the appropriate clearance level, or NTK for the area being entered or visited, equipment being maintained, or information being processed.
- Reviewing or designating a knowledgeable person (a qualified and knowledgeable system user) to review the audit trail logs and records in accordance with the approved SSP.
When changes are planned or are required for the system, the Limited-ISSO or alternate is responsible for:
- Initiating a revision to the SSP
- Submitting the revision to the Information Systems Security
- Ensuring sufficient lead-time for the reauthorization process to be completed before the revision is implemented for classified operations.
- Ensuring audit trail logs and records and review documentation are maintained and retained in accordance with the SSP
- Briefing authorized IS users of their individual responsibilities for safeguarding classified information and the use and protection of the equipment authorized for classified operations. Each IS user and supported person must be briefed before being granted access to an accredited IS and at least annually thereafter. These briefings will include, but are not limited to:
- The need for sound security practices for protecting information handled by the IS, including all input, storage, and output products.
- The specific security requirements associated with the IS.
- The security reporting requirements and procedures in the event of a system malfunction or other security incident.
- Maintaining an inventory of all approved hardware and software.
- Coordinating with the ISSM, through the assigned ISSO, to prepare and obtain approval for applicable SSPs before processing any classified information.
- All security incidents or suspected violations of approved procedures.
- System failure preventing sanitization of system memory or removal of classified information from an IS.
- Any deviations from approved procedures or knowledge of anything that could result in the compromise of classified information.
- Obtaining approval from the ISSM before allowing any changes to the system configuration requiring a system SSP update.
- Obtaining approval from the ISSM when there is a need to connect undocumented test equipment to approved systems while in a classified mode.
- Performing SCAP Scans, ACAS Scans, Nessus Scans
- STIG Checklist
This position requires an active U.S. Secret Security Clearance (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active)
Security+ (equivalent or higher) certification
Basic Qualifications (Required Skills/Experience):
- Bachelor’s degree or higher
- 6+ years’ experience in the aerospace industry
- Preferred Qualifications (Desired Skills/Experience):
- Experience performing SCAP scans, ACAS scans, Nessus Scans or similar scans
- Experience working on DOD or other classified government systems
What to expect when working with Kavaliro
Just like with our clients, we build our process to meet each individual candidate s needs. Our recruiters take the time to listen to your career goals and ambitions, then work one-on-one with you to help place you in a company that provides the best professional fit.
Call us with a detailed overview of your experience, skills, background, and goals. If you are local and prefer, we will set up a face-to-face interview.
You will be asked to complete an online assessment form to assess your skill level. At the same time, your references will be checked.
Your Kavaliro recruiter will discuss and review potential job opportunities.
When you and your recruiter agree on a potential match, you ll be briefed with helpful insight into the client s needs.
When you begin your employment tenure with the client, Kavaliro will continue to be there to support you in your career.
More From Kavaliro
We ve been in the staffing business for over 10 years because we receive great satisfaction helping both companies and job candidates find their perfect match.Meet our team
Life at Kavaliro
We take culture seriously and believe true strength comes from a collaborative and open-minded environment where everyone is supported and empowered to succeed.Learn more
Careers at Kavaliro
If you want to always have your finger on the pulse of the latest and newest trends in staffing and recruiting, join the Kavaliro team!See internal opportunities
We offer guidance on resume revisions, clarifying your career objectives, and other advice to help you land your dream job.Visit our blog