Information Security Analyst - A&A

Information Security Analyst - A & A

Rockville, MD - Hybrid (limited remote)

12+ Months

Key Responsibilities

• Responsible for the ATO packages and Assessments in the client’s Cyber Security Program (CSP).
• Ensures client’s information security policies, standards, and guidelines are in compliance by the individual systems Owners. 
• Ensures that NIH Information Security policies, standards, and guidelines are compliant within the client’s enclave.

• Assists the client in developing the documentation for the security audits of their developed systems.
• Performs security audits of the client systems.
• Assists the NIH Contracting Officers and Program Managers staff along with the external contractors in developing the documentation for the security audits of the contracted systems.

Basic Qualifications

• Excellent teamwork skills
• Able to speak effectively with senior government officials and in group settings
• GCIA, GCIH, GCFE, CISSP, Security +, Network +, CEH, RHCA, RHCE, MCSA, MCP, or MCSE preferred

• Must have minimum of 5-year auditor experience under Risk Management Framework
• Minimum bachelor’s degree in Information Security, Computer Science, or 8 years’ experience in an IT-related field. Exceptional candidates with proven years of experience in security.
• Ability to work at the client’s site in Rockville, MD with limited telework/remote work options

Strong knowledge of the following

• ATO Security Package Analysis
• Understanding of POA&M, Government Waiver policies, Disaster Recovery, and Incident Response Plans
• Preferred experience with CSAM/JCAM