Security Compliance Analyst

Overview

On Site
Depends on Experience
Contract - W2
Contract - 12 Month(s)

Skills

FedRAMP
FISMA
Configuration Management
CISSP
Certified Ethical Hacker
NIST 800-53
SOC2
RegSCI
Splunk
PCI-DSS
security
Cyber Security
Compliance

Job Details

Job Title: Security Compliance Analyst
Location: Rockville, MD / Tysons, VA (fully Onsite)

Contract role


Job Description:
Consultant's Responsibilities (overall and day-to-day):
As a Security Compliance Analyst, you will be joining a team performing security assessments and providing consulting support to assist clients in meeting FISMA and FedRAMP requirements. The ideal candidate will have a firm understanding of how to apply the principles of Information Security in a variety of circumstances and expertise translating the NIST 800-53 guidelines into common technical implementations.
Develop Security Authorization Packages that are compliant with FISMA/FedRAMP requirements. Package components include: System Security Plans, Contingency Plans, Configuration Management Plans, Incident Response Plans, Privacy Impact Assessments, and Plan of Action and Milestones (POA&M)
Assist in the review and analysis of Security Authorization Packages for completeness and compliance with FISMA/FedRAMP requirements
Demonstrate ability to lead compliance and assessment projects through the project lifecycle from initiation to project closure
Lead working sessions with client and audit team to ensure expectations and direction are aligned and timelines are being met
Collaborate across multiple internal teams to ensure successful delivery of artifacts and closure of audit field work
Provide review and analysis of vulnerability scan results from tools such as Nessus, Qualys, AppDetective, WebInspect, IBM AppScan, Burp Suite, etc.
Build a customer-focused relationship with client(s)
Experience reviewing and updating policies, standards, and procedures to ensure they are up to date and reflect current practices
Demonstrate familiarity with FISMA and NIST 800 series guidelines (800-30, 800-37, 800-53 and 53A, 800-60, etc.)
SOC2
RegSCI
PCI-DSS
Splunk


Education/Experience Requirements:
CISSP/CEH/AWS certs/CASP/Security+ certification or equivalent highly desired
Bachelor's Degree (preferably in Information Technology or Cyber Security) or equivalent work experience
FedRAMP experience HIGHLY preferred
