Overview
On Site
Contract - W2
Skills
NIST 800-53
Information security
System security
Configuration Management
Incident management
Project lifecycle management
Vulnerability scanning
IBM Security AppScan
Burp suite
NIST SP 800 Series
PCI DSS
Security+
Information Technology
Cyber security
Regulatory Compliance
FISMA
FedRAMP
Authorization
Privacy
IMPACT
Leadership
Auditing
Collaboration
Nessus
Qualys
WebInspect
Policies
System on a chip
Splunk
CISSP
Certified Ethical Hacker
Amazon Web Services
DICE
Job Details
Responsibilities (overall and day-to-day):
As a Security Compliance Analyst, you will be joining a team performing security assessments and providing consulting support to assist clients in meeting FISMA and FedRAMP requirements. The ideal candidate will have a firm understanding of how to apply the principles of Information Security in a variety of circumstances and expertise translating the NIST 800-53 guidelines into common technical implementations.
- Develop Security Authorization Packages that are compliant with FISMA/FedRAMP requirements. Package components include: System Security Plans, Contingency Plans, Configuration Management Plans, Incident Response Plans, Privacy Impact Assessments, and Plan of Action and Milestones (POA&M)
- Assist in the review and analysis of Security Authorization Packages for completeness and compliance with FISMA/FedRAMP requirements
- Demonstrate ability to lead compliance and assessment projects through the project lifecycle from initiation to project closure
- Lead working sessions with client and audit team to ensure expectations and direction are aligned and timelines are being met
- Collaborate across multiple internal teams to ensure successful delivery of artifacts and closure of audit field work
- Provide review and analysis of vulnerability scan results from tools such as Nessus, Qualys, AppDetective, WebInspect, IBM AppScan, Burp Suite, etc.
- Build a customer-focused relationship with client(s)
- Experience reviewing and updating policies, standards, and procedures to ensure they are up to date and reflect current practices
- Demonstrate familiarity with FISMA and NIST 800 series guidelines (800-30, 800-37, 800-53 and 53A, 800-60, etc.)
- SOC2
- RegSCI
- PCI-DSS
- Splunk
- CISSP/CEH/AWS certs/CASP/Security+ certification or equivalent highly desired
- Bachelor's Degree (preferably in Information Technology or Cyber Security) or equivalent work experience
- FedRAMP experience HIGHLY preferred