Information Security Analyst
Canada Remote Worker
The Emmes Company, LLC (“Emmes”) is a global, full-service Clinical Research Organization dedicated to excellence in supporting the advancement of public health and biopharmaceutical innovation. We believe in the power of truth, so much so that we named our company Emmes, which means truth. Through decades of experience we have learned that collaborative relationships thrive and human health benefits when truth is our compass.
Our “Character Achieves Results” culture is driven by five key values that guide our actions in the way we conduct research and distinguish us as an organization: Integrity, Agility, Passion for Excellence, Collaborative Partnerships and Intellectual Curiosity. We are a trusted partner to clients who share our passion for improving public health in a world of ever-changing scientific research.
If you share our motivations and passion in research, come join us! You will be joining a collaborative culture that empowers every Emmes employee — from entry level through top executive — to contribute to our clients’ success by sharing ideas openly and honestly.
Primary Purpose
Supports and reinforces the company's compliance with governmental regulations, policies, and processes as well as governance of risk. Includes monitoring of security data from external sources (industry portals, DoD, US-CERT, partners, etc.) and vendor advisories, and conducting threat intelligence gathering. Responsible for compliance and Security Authorization activities for Emmes clients in accordance with National Institute of Standards and Technology (NIST) guidance and ISO 27001.
Responsibilities
- Responsible for compliance with the FISMA regulation and associated standards. Good understanding of the NIST Special Publications, OMB and Federal Information Processing Standards (FIPS).
- Reviews system security controls (managerial, operational, and technical) to determine adequacy against federal requirements and mission context utilizing security assessment plans for systems, including the objectives, scope, schedule, required documentation, possible risks, and other logistical items for security assessments.
- Tracks the corrective actions in POA&Ms and coordinates the remediation with various groups. Tracks and reports FISMA metrics and Key Performance Indicators (KPIs).
- Develops and updates information systems security documentation. Ensures that Authorities to Operate (ATOs) are obtained in a timely manner.
- Works closely with Security Operations to provide assistance with tool configuration and operation.
- Works closely with the Audit and Quality Assurance (QA) functions to provide validation of security control tests for third-party vendors, e.g., software, hardware, and cloud service providers.
- Routinely conducts risk assessments/reports to quantify impacts of vulnerabilities or decisions to the federal government. Participates in the production of cohesive compliance reports.
- Prepares documentation from information obtained from customers using accepted guidelines such as RMF.
- Assists with development and implementation of system security plans and contingency plans.
- Completes documentation in support of project / sponsor activities (e.g., checklists, questionnaires, etc.) and support external audits of Emmes.
- Performs all essential functions adhering to the highest level of ethical and professional conduct.
- Other duties as assigned
Experience
- Bachelor’s degree in Computer Science, Cyber Security, Engineering or related technical discipline
- Demonstrated ability to resolve issues related to assigned work project of moderate complexity
- Equivalent to 4 years cyber security experience with Federal standards and OMB Memoranda, and performing Authorization and Accreditation
- Experience with FISMA assessment processes
- Demonstrated knowledge of:
  - NIST 800-37, Risk Management Framework (RMF) and NIST 800-53 security controls.
  - IT security foundational principles and methods, such as firewalls, DMZ, and encryption
  - Networking principles, such as connections, protocols (TCP/IP), IP addressing, routing, and switching
- Experience writing scripts in PERL, Python or PowerShell
- Ability to effectively communicate cyber security issues (in verbal and written form) and related topics with senior cyber staff and IT team members
- Excellent technical writing and verbal communication skills
- Stays up to date on computer and network vulnerabilities and exploits
- CompTIA Security+ certification preferred
Why work at Emmes?
At Emmes, your actions and hard work will have a direct impact on public health initiatives, both globally and in our local communities, with opportunities for volunteerism through our Emmes Cares community engagement program.
Benefits
We offer a competitive benefits package focused on the health and needs of our growing workforce, including:
- Unlimited Approved Leave
- Extended Healthcare Insurance
- RRSP Contribution
- Maternity / Parental Leave Top Up
- Tuition Reimbursement / Professional Development
- Wellness and Healthcare spending account