Overview
Skills
Job Details
Position: Cybersecurity Risk and Compliance Analyst
Location: Baltimore, MD (Candidates must be local to District of Columbia, Maryland, Virginia)
Job Description:
Develop & Maintain Mobile Applications:
Strong business documentation and technical writing skills;
Must know NIST 800-53 revision 5;
how to assess cybersecurity control based on NIST 800-53a R5;
strong experience working in Excel
Engineers will provide technical guidance for assessing the management, operational, assurance, and technical security controls implemented on an information system via security testing and evaluation methods.
Provide technical advisory functions to staff.
Provide administrative support for pre- and post-assessment activities.
Provide continued modernization support for the Technical System Security Requirements (TSSR) and Security Evaluation Questionnaire (SEQ),
Determine security controls effectiveness to ensure controls are implemented correctly, operating as intended and meeting requirements.
Provide Cloud technical assistance/data privacy technical assistance.
Provide technical assistance with ensuring a suite of controls are implemented and operating as intended.
All other duties as assigned or directed.
Basic Qualifications: Minimum knowledge, skills, abilities needed.
Bachelor's Degree and 3 years of relevant experience, or master's degree and 1 year of relevant experience, or 7+years of relevant experience in lieu of a degree.
2+ years of security control assessment experience
Strong business documentation and technical writing skills.
Must have strong experience working in Excel
Must possess a relevant cybersecurity certification (e.g., Security+, CISSP, CISM, or CAP)
Experience with interpreting and applying federal laws, OMB directives, and client-specific policies to security and compliance efforts.
Experience with interpreting and assessing security controls using NIST SP 800-53A Rev. 4, NIST SP 800-53 Rev. 5, NIST SP 800-37 Rev. 1, NIST SP 800-30 Rev. 1, NIST SP 800-39, and FIPS publications.
Preferred Qualifications:
Candidates with these skills will be given preferential consideration.
Experience supporting Risk Management Framework (RMF) activities in accordance with NIST guidelines.
Experience coordinating with SSA and partner agencies, understanding and leveraging existing agreements.