Security Information Assurance Analyst




Please note that this is a 1 year contract position. Provides Cloud Security Architecture and Compliance expertise for the client. bull Works closely with Account Security Officer (ASO), Segment Security Officers (SSO) and Cloud Service Providers (CSP) to ensure FedRAMP compliance bull Provides Cloud Computing Migration Assessments and Accreditations Services (AA) for Software (SaaS), Infrastructure (IaaS), and Platforms (PaaS) using Federal Risk and Authorization Management Program (FedRamp) compliant criteria. bull Works closely with Account Security Officer (ASO) and Segment Security Officers (SSO) to ensure operational security measures are implemented. bull Assesses and mitigates system security risks determines and analyzes security requirements for implementation and testing. bull Reviews and continuously monitors implemented security controls. bull Creates and maintains security checklists, templates and other tools to aid in the AA process. bull Performs security control assessment using NIST 800-53A guidance and as per continuous monitoring requirements. bull Performs risk analyses to determine and recommends essential safeguards. bull Proactively mitigates system vulnerabilities and recommends compensating controls. bull Prepares security authorization packages in accordance with the client contractual requirements. bull Develops core documents such as System Security Plan, Contingency Plan, Incident Response Plan, Standard Operating Procedures, Plan of Actions and Milestones, Remediation Plans, Configuration Management Plan, etc. bull Monitors and Maintains client-specific Plan of Action and Milestones and supports remediation activities. bull Monitors and Maintains an inventory of hardware and software for the information system. bull Monitors and Develops, tests and trains on Contingency and Incident Response planning. bull Conducts and reviews independent scans of application with Program Team, network and database and utilizes Managed Security Services Vulnerability Assessment Team (VAT) support as applicable. EXPERIENCE LEVEL 10+ yearsrsquo experience working as an Information Assurance Analyst for an information technology, information assurance, or information management program EDUCATION Must possess a minimum of a Bachelorrsquos Degree or Masterrsquos Degree, PhD or JD in a technical specialty such as cyber security, computer science, management information systems or related IT field (Master's Degree Preferred) CERTIFICATIONS (One or more required) CompTIA Security +, CPTE - Certified, Penetration -Testing Engineer, CEH - Certified Ethical Hacker, Certified KNOWLEDGE AND SKILLS REQUIRED bull Excellent communications skills bull Fluent in English, grammar and communication bull Ability to influence OCISO Delivery system stakeholders in the execution of security and compliance requirements bull Knowledge of the security countermeasures and overall RMF and NIST compliance Experience as a Security consultant in Risk and Compliance bull Experience in working with security mgt including information governance and compliance bull Good understanding of Assurance Practices and Risk Management, hands on experience bull Experience of security processes and standards, in particular NIST 800-series and RMF bull Knowledge of security audit and accreditation processes bull Ability to interpret request for proposal and respond to security and compliance requirements bull Knowledge of Federal Security, industry and market trends and client offerings bull Understands client solutions - what they consist of, product roadmaps, IT concepts bull Understands how cyber security GRC requirements fit within or interface with the sales of other solutions in client and client's partner strategies bull Understands federal security and regulations impacting security requirements to develop strategies for supporting internal Client operations Applicants must provide their phone number. Reference Job Number A157

Go Back