Senior Security Information Analyst

Alexandria, Virginia

Post Date: 08/28/2017 Job ID: 24854 Industry: Other Area(s)

Location: Alexandria, VA
  • Responsibilities include, but are not limited to:
    • Writing and updating the security documents required by US federal government standards. This includes developing or updating FIPS 199 categorization, System Security Plans (SSPs), Interim Authority to Test (IATTs), Contingency Plans, Incident Response Plans, Configuration Management Plans, Security Policies and Procedures, POA&Ms, Rules of Behavior, etc.
    • Assisting in the architecture, design, and optimization of security controls implementation
    • Assessing and mitigating system security threats and risks throughout the program life cycle
    • Identifying system boundaries, operating components, and data flow in an enterprise or system architecture, whether cloud or non-cloud based
    • Supporting the Assessment and Authorization (A&A) activities, such as interviewing key system support personnel about roles, responsibilities, tools, processes, and procedures related to the security of the IT systems, components, and organizations
    • Researching the IT security tools and techniques used by the customer in order to understand and articulate their implementation
    • Supporting a team of advisory consultants on USPTO FedRAMP engagements

  • Requirements:
    • 8+ years of IA Experience
    • Knowledge of FedRAMP, NIST SP 800 Series, Federal Regulations, Risk Management Framework (RMF), and other security methodologies
    • Experience with FedRAMP Assessments
      • Worked for a 3PAO (3rd party assessment organization), assisted or conducted FedRAMP Assessments, worked for a Cloud Service Provider, or worked for an Agency that handles FedRAMP Assessments (USPTO cloud experience preferred but not required)
    • Security Documentation experience
      • Has written new SSPs, SOPs, POA&Ms, Security Impact Assessments, Contingency Plans, Incident Response Plans, Configuration Management Plans, etc.
    • Consulting/Client-Facing Experience
      • Strong communication skills (written and verbal)
      • General Dynamics, Deloitte, Accenture, PWC, KPMG, Knowledge Consulting Group (ManTech), Kratos, etc.
    • Knowledge of or experience with the use of an eGRC tool (CSAM preferred, but not required)
    • Certifications
      • Security+ (at a minimum), CAP, CISM, CISSP
  • Bachelor's degree is preferred. Work experience will be considered in lieu of a degree.

Must be eligible for a Public Trust clearance.

