Security Compliance Analyst

  • Rockville, MD
  • Posted 37 days ago | Updated 1 hour ago

Overview

On Site
Contract - W2

Skills

NIST 800-53
Information security
System security
Configuration Management
Incident management
Project lifecycle management
Vulnerability scanning
IBM Security AppScan
Burp suite
NIST SP 800 Series
PCI DSS
Security+
Information Technology
Cyber security
Regulatory Compliance
FISMA
FedRAMP
Authorization
Privacy
IMPACT
Leadership
Auditing
Collaboration
Nessus
Qualys
WebInspect
Policies
System on a chip
Splunk
CISSP
Certified Ethical Hacker
Amazon Web Services
DICE

Job Details

Responsibilities (overall and day-to-day):
As a Security Compliance Analyst, you will be joining a team performing security assessments and providing consulting support to assist clients in meeting FISMA and FedRAMP requirements. The ideal candidate will have a firm understanding of how to apply the principles of Information Security in a variety of circumstances and expertise translating the NIST 800-53 guidelines into common technical implementations.
  • Develop Security Authorization Packages that are compliant with FISMA/FedRAMP requirements. Package components include: System Security Plans, Contingency Plans, Configuration Management Plans, Incident Response Plans, Privacy Impact Assessments, and Plan of Action and Milestones (POA&M)
  • Assist in the review and analysis of Security Authorization Packages for completeness and compliance with FISMA/FedRAMP requirements
  • Demonstrate ability to lead compliance and assessment projects through the project lifecycle from initiation to project closure
  • Lead working sessions with client and audit team to ensure expectations and direction are aligned and timelines are being met
  • Collaborate across multiple internal teams to ensure successful delivery of artifacts and closure of audit field work
  • Provide review and analysis of vulnerability scan results from tools such as Nessus, Qualys, AppDetective, WebInspect, IBM AppScan, Burp Suite, etc.
  • Build a customer-focused relationship with client(s)
  • Experience reviewing and updating policies, standards, and procedures to ensure they are up to date and reflect current practices
  • Demonstrate familiarity with FISMA and NIST 800 series guidelines (800-30, 800-37, 800-53 and 53A, 800-60, etc.)
  • SOC2
  • RegSCI
  • PCI-DSS
  • Splunk
Education/Experience Requirements:
  • CISSP/CEH/AWS certs/CASP/Security+ certification or equivalent highly desired
  • Bachelor's Degree (preferably in Information Technology or Cyber Security) or equivalent work experience
  • FedRAMP experience HIGHLY preferred

About Tential