IT Security Analyst in Cheswick, Pennsylvania
We are looking for an IT Security Analyst to join our Pittsburgh (Cheswick) location.
Your Responsibilities:
1. Support the operational security posture for Curtiss-Wright (CW) Information Systems (IS).
2. Assist the IT Security Manager in compliance with internal and external Information Assurance (IA) requirements and standards such as: NIST 800-171, NISPOM, RMF, NIST 800-53 and future CMMC.
3. Maintain situational awareness of current security posture of CW IS and apply guidance where needed.
4. Provide incident response readiness and support across several IS platforms of various mission impact.
5. Assist the IT Security team with managing governance, risk and compliance by monitoring system activity and access controls, reviewing and updating policies, performing and updating risk assessments, and driving resolution of Plan of Action & Milestones (POA&M) items.
6. Perform continuous monitoring and vulnerability management activities such as IS event analysis and vulnerability identification, reporting, and resolution.
7. Evaluate IS change requests and provide professional guidance to the Configuration Control Board.
8. Participate in the architecture of new IS implementation solutions that meet the needs of the business.
9. Assist the IT Security team with supporting third-party auditors from various federal and non-federal organizations.
10. Perform secure data transfer agent activities when required.
What you Bring:
1. Must be sole US citizen and be able to obtain and maintain DOD security clearance.
2. Bachelor's Degree in Cybersecurity or related field and at least 2 years of experience OR 6 years of experience in lieu of a degree.
3. Strong communication skills, analytical thinking, and problem-solving skills.
4. Ability to prioritize tasks and efforts.
5. Ability to analyze risks, review risk mitigations, and determine residual risk.
6. Ability to work within a team environment and convey knowledge and skill on to other members of the team in support of information security efforts.
7. Ability to maintain information security certifications commensurate with applicable requirements (e.g. CompTIA Security+, SANS GIAC or ISC^2 CISSP).
8. Knowledge of the NIST 800-171 and/or NIST 800-53 security control implementation guidance.
9. Experience with maintaining and operating information system security and vulnerability scanning software (e.g. Trellix ePolicy Orchestrator and Endpoint Security, Trellix Enterprise Security Manager, Tenable.sc, Trellix Data Loss Prevention, etc.) is preferred.
10. Experience with DOD Risk Management Framework and the Enterprise Mission Assurance Support Service (eMASS) is a plus.
Who we are:
EMD a business unit of Curtiss-Wright in Cheswick, PA designs, manufactures, tests, and provides after-market support for the most advanced, proven and reliable critical function pumps, motors, generators, seals, control rod drive mechanisms and power conditioning electronics available anywhere in the world today.
Compliance Statement
This position may require exposure to export-controlled information and subject to additional security screening. In the event information provided during the security screening reveals ineligibility to access export-controlled information, any offer of employment may be reconsidered or withdrawn.
Curtiss-Wright values diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
If you require accommodation due to a disability at any time during the recruitment and/or assessment process, please contact Talent Acquisition (TA_COE@curtisswright.com) and we will make all reasonable efforts to accommodate your request.
Join the WRIGHT Team!
#J-18808-Ljbffr