ISSO / Cyber Security - Assessment And Authorization Analyst

ISSO/Cyber Security Assessment and Authorization Analyst

Rockville, MD. - Hybrid role.

****CANDIDATE MUST BE Local or nearby*****

10+ yrs exp.

Need 100% suitable resume.

Experience with using GRC tool CSAM

Experience with A&A of cloud-platforms

Job Responsibilities

• Support a client as an assessment and authorization (A&A) analyst, including A&A efforts for various agency systems.
• Maintain responsibility for supporting federal clients obtaining the authority to operate (ATO) for new and modernized systems.
• Adhere to the NIST Risk Management Framework (RMF) to support the A&A process, including analyzing the development of supporting policies, procedures, and plans, designing and
• implementing security controls, testing and validating security controls, and analyzing and tracking corrective action plans.
• Ensure all supporting artifacts and results will be documented in the A&A repository
• Performing security controls assessments on security boundaries and producing required security documentation.
• Experience with NIST special publications (SPs) regarding the SA process, including SP 800-53, SP 800-137, and SP 800-37.
• Experience with continuous monitoring and plans of action and milestones (POA&M) management.
• Experience with assessing systems deployed in Cloud Environments.

Must have:

• 5+ years of experience with assessment and accreditation (A&A).
• 10+ years of experience as a security control assessor or validator.
• 10+ years of experience with maintaining IT security policies, processes, and guidance.
• Experience with using GRC tool CSAM
• Experience with A&A of cloud-platforms
• BA or BS degree in MIS, CS, or related cybersecurity discipline (Masters preferred).