Information Assurance Analyst (ISSO Cloud SME)

Overview

On Site
$70.00 - $80.00 per hour
Contract - W2
Contract - Independent
Contract - 9 month(s)

Skills

Information Assurance Analyst (ISSO Cloud SME)

Job Details



We are looking for an Information Assurance Analyst (ISSO Cloud SME) for a 1 year contract in Chantilly, VA. If you have a 8 years of Information Assurance Analyst experience and a Public Trust - APPLY NOW!



Information Assurance Analyst (ISSO Cloud SME):




  • Experience within an Azure environment

  • Provides Cloud Security Architecture and Compliance expertise for the U.S. Postal Service.

  • Works closely with Account Security Officer (ASO), Segment Security Officers (SSO) and Cloud Service Providers (CSP) to ensure FedRAMP compliance

  • Provides Cloud Computing Migration Assessments and Accreditations Services (A&A) for Software (SaaS), Infrastructure (IaaS), and Platforms (PaaS) using Federal Risk and Authorization Management Program (FedRamp) compliant criteria.

  • Works closely with Account Security Officer (ASO) and Segment Security Officers (SSO) to ensure operational security measures are implemented.

  • Assesses and mitigates system security risks; determines and analyzes security requirements for implementation and testing.

  • Reviews and continuously monitors implemented security controls.

  • Creates and maintains security checklists, templates and other tools to aid in the A&A process.

  • Performs security control assessment using NIST 800-53A guidance and as per continuous monitoring requirements.

  • Performs risk analyses to determine and recommends essential safeguards.

  • Proactively mitigates system vulnerabilities and recommends compensating controls.

  • Prepares security authorization packages in accordance with the client contractual requirements.

  • Develops core documents such as System Security Plan, Contingency Plan, Incident Response Plan, Standard Operating Procedures, Plan of Actions and Milestones, Remediation Plans, Configuration Management Plan, etc.

  • Monitors and Maintains client-specific Plan of Action and Milestones and supports remediation activities.

  • Monitors and Maintains an inventory of hardware and software for the information system.

  • Monitors and Develops, tests and trains on Contingency and Incident Response planning.

  • Conducts and reviews independent scans of application with Program Team, network and database and utilizes Managed Security Services Vulnerability Assessment Team (VAT) support as applicable.



EXPERIENCE LEVEL:

8+ years experience working as an Information Assurance Analyst for an information technology, information assurance, or information management program



EDUCATION: Must possess a minimum of a Bachelors Degree or Masters Degree, PhD or JD in a technical specialty such as cyber security, computer science, management information systems or related IT field (Master's Degree Preferred)



CERTIFICATIONS: (One or more required): CompTIA Security +, CPTE - Certified, Penetration -Testing Engineer, CEH - Certified Ethical Hacker, Certified





KNOWLEDGE AND SKILLS REQUIRED:




  • Azure Cloud environment

  • Excellent communications skills

  • Fluent in English, grammar and communication

  • Ability to influence OCISO Delivery system stakeholders in the execution of security and compliance requirements

  • Knowledge of the security countermeasures and overall RMF and NIST compliance Experience as a Security consultant in Risk and Compliance

  • Experience in working with security mgt including information governance and compliance

  • Good understanding of Assurance Practices and Risk Management, hands on experience;

  • Experience of security processes and standards, in particular NIST 800-series and RMF

  • Knowledge of security audit and accreditation processes

  • Ability to interpret request for proposal and respond to security and compliance requirements

  • Knowledge of Federal Security, industry and market trends and HPE/USPS offerings

  • Understands HPE and USPS solutions - what they consist of, product roadmaps, IT concepts

  • Understands how cyber security GRC requirements fit within or interface with the sales of other solutions in HPE and HP's partner strategies

  • Understands federal security and regulations impacting security requirements to develop strategies for supporting internal USPS operations



Company Description



RightStone is a strategic partner that works with our clients to place the highest caliber of talent for a wide range of industries and skill sets. For over 23 years RightStone has assisted organizations in attracting, recruiting, and placing qualified candidates quickly for contract, contract to hire, and direct hire opportunities. The right candidates are the most critical aspect of who RightStone is. If you are that candidate, we are interested in speaking with you!





RightStone is an equal opportunity employer and prohibits unlawful discrimination based on race, color, creed, gender, religion, marital status, registered domestic partner status, age, national origin or ancestry, physical or mental disability, medical condition, sex, genetic information, sexual orientation, military and veteran status or any other consideration made unlawful by federal, state, or local laws. RightStone is committed to compliance with all applicable laws providing equal employment opportunities. This commitment applies to all persons involved in Company operations and prohibits unlawful discrimination by any employee of the Company, including supervisors, coworkers, independent contractors and other third parties.






Minimum Education Required: Bachelor

Years of Experience Required: More than 5 years