Job Details
Role: Security Compliance Analyst
Location: Remote
Duration: 12+ Months Contract
Statement of Work:
This Security Analyst position supports the Information System Security Officer (ISSO) in security-related tasks: obtaining a Risk Management Framework (RMF) Authorization to Operate (ATO), conducting Assessment and Authorization (A&A) tasks, and developing the Plan of Action and Milestones (POA&M) associated with maintaining compliance with NIST 800-53. The Security Analyst performs duties as required under the direction of the ISSO.
Task Description:
Key duties encompass developing and enforcing security measures to safeguard computer systems, networks, and data. You'll pinpoint, evaluate, and tackle security risks promptly. Additional responsibilities include orchestrating security assessments, devising risk management tactics, bolstering adherence to pertinent federal guidelines (like the Federal Information Security Management Act and National Institute of Standards and Technology (NIST) standards), and offering technical assistance during audits and incident responses. Crucial skills include comprehension of NIST 800-53 and the Risk Management Framework (RMF) process, familiarity with system security structures, and robust communication capabilities.
Required skills/Level of Experience:
- Vulnerability compliance and remediation reporting - 3 years experience.
- Maintain System Plan of Action and Milestones (POA&M) - 3 years experience.
- Certified in industry-recognized areas such as Security+.
- U.S. Citizenship
Nice to have skills:
- NIST Risk Management Framework (RMF) - 3 or more years experience.
- Governance, Risk, & Compliance (GRC) Applications (e.g. Xacta, Archer, CSAM, ServiceNow CAM, or eMASS) (exposure).
- Evaluate Plugin/Vulnerability Scan Tool Results - 3 years experience.
Clearance Level:
- Must have Public Trust Clearance.