Senior Information Systems Security Analyst

Overview

Hybrid
Depends on Experience
Full Time

Skills

Xacta
FISMA
IT management
risk assessments
customer service skills
problem-solving skills

Job Details

Summit Technologies Inc. is seeking a Senior Information Systems Security Analyst to support our government client. The Senior Information Systems Security Analyst will support IT management with control assessment, development, and maintenance, and risk assessment and response development.
This is a hybrid role based in Washington, DC. Candidates must be eligible for a Public Trust clearance.

Duties & Responsibilities:

  • Develop and maintain IT security controls per NIST SP 800-53 and Agency Security Policy standards.
  • Support the Information System Security and Privacy Officer (ISSPO) with managing and documenting the security posture of the agency.
  • Collect and validate control implementation statements from subject matter experts.
  • Consult with experts to ensure work instructions align with agency security standards.
  • Conduct risk assessments for security issues and propose resolutions.
  • Communicate and document control deficiencies for POA&M consideration.
  • Support Continuous Security Monitoring for compliance with agency security policy.
  • Assist in developing security policies to ensure compliance.
  • Conduct security reviews for changes impacting hardware, software, baselines, connections, or applications.
  • Review and assess POA&M outputs and recommend additional work or closure.
  • Support IT Governance, Risk, and Compliance activities, including standards management.
  • Provide information for status reports, briefings, schedules, and project plans in written and oral form.
  • Stay updated on IT trends and security standards.
  • Provide high-quality deliverables with minimal edits, quick review, and feedback on federal security doctrine.

Skills & Experience:

  • Experience with NIST Risk Management and Cybersecurity Framework, FISMA, NIST 800-53, and IT control processes.
  • Familiarity with GRC frameworks/tools (RSAM, CSAM) and SA&A tools (Xacta).
  • Experience working in a technical environment with IT platforms such as Microsoft Office 365, Azure, Cisco, Oracle, etc.
  • Knowledge of cyber-attack patterns, Tactics, Techniques, and Procedures.
  • Ability to adapt security processes and tools to evolving landscapes and risk scenarios.
  • Understanding of PKI, encryption, hashing techniques, and OMB circulars A-123, A-130.
  • Fluency in spoken and written English for technical content.
  • Experience working in a fast-paced environment.
  • Possess outstanding customer service skills.
  • Ability to explain complex policies in simple terms.
  • Excellent analytical thinking and problem-solving skills.

Education & Certification:

  • Bachelor's degree with nine years of relevant IT experience, or
  • Graduate degree with seven years of relevant IT experience.
  • One of the following security certifications (CISSP, CISM, Security+).

Security Requirements:

  • All candidates must be eligible to obtain a Public Trust Clearance.

Summit Technologies Inc. appreciates your interest. We will contact the best matching prospects and will consider you for future opportunities. We will not submit your resume without your prior knowledge and consent. We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, disability or veteran status.