Job Details
This hybrid position requires two (2) days on-site in Washington, DC.
Must be local to DC, MD, VA, or within an hour's commute.
Due to Federal Government security clearance requirements, U.S. citizenship is required.
Become PRISM's Security Guardian: Senior Information System Security Analyst
Do you thrive on outsmarting cyber threats and safeguarding sensitive data? PRISM seeks a sharp and driven Senior Information System Security Analyst to join our mission-critical team. This is your chance to become a key player in building a robust security posture and ensuring compliance with rigorous standards like NIST SP 800-53.
Here's how you'll make a difference:
Become a control master: Develop and maintain bulletproof IT security controls, adhering to strict agency security policies and NIST SP 800-53. Think of yourself as building a fortress against cyberattacks.
Collaborate like a pro: Partner with subject matter experts to collect and validate control implementation statements, ensuring every line of defense is airtight. You'll be the glue that connects expertise to action.
Be a risk detective: Conduct in-depth assessments, unearthing potential security vulnerabilities before they cause trouble. Think of yourself as Sherlock Holmes for cybersecurity.
Communicate clearly: Document and communicate control deficiencies for effective Plan of Action and Milestones (POA&M) consideration. Your words will be the blueprint for strengthening our defenses.
Be a compliance champion: Support Continuous Security Monitoring to ensure adherence to stringent agency security policies. You'll be the eagle-eyed guardian keeping us on track.
Shape the future: Assist in developing and updating security policies, ensuring they stay relevant and effective in the ever-evolving threat landscape. Your contributions will shape the future of PRISM's security.
Review with a hawk eye: Conduct security reviews for any changes impacting our systems, leaving no stone unturned in protecting our critical infrastructure.
Become a POA&M pro: Analyze and assess POA&M outputs, recommending additional work or closure. You'll ensure our security posture keeps improving.
Join the governance gurus: Support IT Governance, Risk, and Compliance (IT GRC) activities, including standards management. You'll be a vital cog in keeping PRISM operating securely and efficiently.
Share your knowledge: Provide clear and concise information for status reports, briefings, schedules, and project plans, both in writing and orally. Your insights will be invaluable for informed decision-making.
REQUIRED SKILLS:
Bachelor's degree in Information Technology, Cybersecurity, or a related field (Master's degree preferred).
Minimum of 7 years of experience as a Security Analyst or related role.
Strong understanding of cybersecurity principles and best practices.
Experience with security assessment tools and methodologies (e.g., Nessus, OpenVAS, Metasploit).
Experience with NIST Risk Management and Cybersecurity Framework, FISMA, NIST 800-53, and IT control processes.
Knowledge of cyber-attack patterns, Tactics, Techniques, and Procedures.
Ability to adapt security processes/tools to evolving landscapes and risk scenarios.
Understanding of PKI, encryption, hashing techniques, and OMB circulars A-123, A-130.
Fluency in spoken/written English for technical content, with strong communication skills.
High-quality deliverables with minimal edits, quick review, and feedback on federal security doctrine.
Thrives in a fast-paced environment, outstanding customer service skills.
Document processes, explain complex policies in simple terms.
Stays updated on IT trends, security standards, excellent analytical thinking, and problem-solving skills.