Title: Senior Risk Management FISMA Analyst
Location: Rockville, MD (50% remote after 90 days)
CyberData Technologies Inc. is currently hiring a highly experienced Senior Risk Management FISMA Specialist with cyber security policy assessment experience for our federal client located in Rockville, MD. The Senior Risk Management FISMA Specialist will be tasked with a variety of assessment and analysis duties and should have at least 5-8 years' experience with:
- Ensuring that HRSA systems are in compliance with OMB Circular A-130, Federal Information Security Management Act (FISMA) and other federal laws and regulations, FIPS Standards, NIST guidance, as well as HHS and HRSA directives.
- Working directly with System Owners and Information System Security Officers to provide Security Assessment and Authorization (SA&A), eGRC tool assistance, and disseminate guidance from the HRSA Office of Information Security and Privacy (OISP).
- Serving as a Subject Matter Expert for SA&A requirements and working with Information System Security Officers to ensure that SA&A requirements meet HHS and HRSA standards. FISMA Analysts will be responsible for reviewing, at a minimum, the following SA&A requirements:
  - FIPS 199 Security Categorization
  - Privacy Impact Assessment
  - System Security Plan
  - E-Authentication Threshold Analysis/Risk Assessment
  - Risk Assessment
  - Plan of Action and Milestones
  - Configuration Management Plan
  - Contingency Plan
  - Contingency Plan Test
  - Security Assessment Report
- Overseeing the development of authorization packages, approximately 20 annually. The contractor will be responsible for reviewing each authorization package prior to submission to the federal risk management lead.
- Developing guidance documentation and templates to assist Information System Security Officers and corresponding support staff with meeting SA&A requirements.
- Serving as a Subject Matter Expert for the HRSA eGRC solution. FISMA Analysts will be responsible for performing the following activities associated with the HRSA eGRC solution:
  - Creating records for information systems and components
  - Monitoring information systems and components to ensure all required information is documented
  - Provisioning accounts for new users and managing permissions for existing users
  - Training new users
  - Providing assistance for all users
- Assisting with continuity of operations/contingency planning at the system level as well as HRSA-wide in compliance with NIST and HHS guidance. FISMA analysts will provide oversight for system level contingency planning and testing activities.
- Assisting in developing and maintaining security policies, procedures, standards, guidelines and technical reports.
- Reviewing HHS policy and NIST documentation and providing feedback.
- The Specialist shall develop executive briefing books and other supporting reports. The Specialist shall work with federal staff to obtain information for executive briefing books and other supporting reports and consolidate as needed.
CyberData is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.