25 Jan
Security Analyst
Vacancy expired!
- Manage FISMA security assessments, internal audits and third-party audits for multiple applications
- Gather, review, and deliver supporting evidence and artifacts for assessments and audits
- Coordinate, manage and collaborate with various teams within NIC and government to ensure security program requirements are met and delivered on a timely schedule
- Create, update and maintain security policies, procedures and other related documentation
- Create, update and maintain Authorization to Operate packages for multiple federal applications
- Manage and ensure timely remediation of findings documented on the Plan of Actions & Milestones (POA&Ms)
- Ensure compliance with Continuous Monitoring Program (CMP) for multiple applications
- Manage responses to any findings of security assessments
- Demonstrate strong knowledge in vulnerability testing, operation systems hardening and regulatory compliance, such as PCI-DSS, SOX, HIPAA, NIST, etc.
- Develop and maintain monthly vulnerability reporting to federal government partners
- Coordinate and/or run network and application vulnerability scans as needed
- Develop and manage various security trainings and ensure timely completion by all NIC Federal employees
- Facilitate and participate in various security testing to include Incident Response, Continuity of Operations and Disaster Recovery
- Manage various compliance tools and ensure all requests are satisfied in a timely manner
- Manage penetration testing support for multiple applications
- Set agendas and facilitate security discussions during internal and external meetings
- Manage federal background investigation process. Assist new employees in successfully completing process
- Other duties as assigned
- Undergraduate degree in cybersecurity, computer science, information systems, or equivalent
- Minimum of three years of related work experience
- Experience with Risk Management Framework (RMF) and/or federal security assessments following NIST guidelines
- Experience with federal agencies is beneficial
- Professional security certifications such as the ISC 2 Certified Authorization Professional (CAP)
- Ability to obtain Public Trust clearance
- Excellent communication and interpersonal skills at all levels, including verbal and written abilities
- Strong familiarity with technology/web/eCommerce/cybersecurity projects
- Strong leadership, organizational, and prioritization skills
- Self-motivated with the ability to work under minimal supervision
- Collaborative style and ability to communicate effectively at all levels
- Desire to work in a fast-paced, entrepreneurial environment
- Works well with others in a team environment
- Ability to support the team outside of business hours, as needed
- Ability to pass a thorough background screening
- Some work-related travel may be required
Vacancy expired!