25 Jan
District of Columbia,
Washington
, 20001
Washington
USA
Vacancy expired!
Zachary Piper Solutions is seeking for an Information Security Policy Analyst with mastery level knowledge of IT risk management activities in Washington DC . The Information Security Policy Analyst will be working as a full-time employee with remote hybrid flexibility . Responsibilities of the Information Security Policy Analyst include:
- Develop and/or analyze Judiciary information system security plans (SSP) that conform with Judiciary Information Security Framework
- Use CSAM as a Security Assessment & Authorization (SA&A) management tool.
- Help with O&M activities relating to the vulnerability management program at AOTO
- Provide the necessary documents and RMF process guides required for the RMF authorization package
- Perform ACAS scans, all RMF processes, vulnerability assessments, risk analyses, and eMASS registrations during all phases of the systems development life cycle
- Prepare, update, monitor, evaluate, and validate A&A packages
Qualifications for the Information Security Policy Analyst include: • 3+ years of Federal Agency working with NIST 800 Series publications as a Risk Management Framework SME • 8+ years of progressive Information Technology experience • Mastery level knowledge of security controls, system security plans, principles and theories pertaining to providing security and protection to IT resources. • Mastery level knowledge and experience applying government standards, including NIST Risk Management Framework • Education: Bachelor's degree required; master's degree preferred Compensation for the Information Security Policy Analyst include: • Salary Range: $115,000-$125,000 depending on experience • Full Benefits: Cigna Medical, Dental, Vision, and 401k Interview Process: • 1 st phone interview and possible 2 nd virtual interview Keywords: information security policy analyst, Information Assurance Analyst, full time, full-time, program, federal, government, defense, intel, agency, military, acas, isse, isses ,nqvs, nqv, iaw,, testing, risk, risk management, risk-management, risk management frame work, risk-management-framework, rmf, detailed vulnerability, detailed-vulnerability, dvl, emass, acas, enterprise security, enterprise-security, risk analyses, risk-analysis, computer systems, computer-systems, application, applications, assured compliance assessment solution, assured-compliance-assessment-solution, acas, enterprise mission assurance support service, enterprise-mission-assurance-support-service, emass, authorization to operate, authorization-to-operations, ato, develop, develops, engineer, engineers, cybersecurity, DON, ports protocol and services ports-protocol-and-services, pps, opnavinst, opnavinst 5239, opnavinst-5239, qualified validator, qualified-validator, system level continuous monitoring, system-level-continuous-monitoring, SLCM, ports porticals and services management, ports-protocols-service-management, ppsm, hot based security systems, hot-based-security-systems, hbss, a&a, assessment authorizations, assessment-authorization, xacta, xacta tools, CISSP, GIAC, c&a, security, Washington dc, Washington-dc, nova, northern virginia, northern-virginia, dc, d.c., Maryland, dmv, Arlington, Tysons, Fairfax, Alexandria, remote, hybrid, flexibility
Vacancy expired!
