Security Analyst / Information Systems Security Officer
Eliassen Group • Fort Meade, Maryland, United States
About
Rate: $60.00 to $70.00/hr. W2
Responsibilities
Conduct continuous monitoring for assigned systems, including threat monitoring, access reviews, and vulnerability mitigation planning.
Support security operations center activities, system reviews, and incident investigations.
Maintain knowledge of security architecture and business purposes of systems.
Document and maintain applicable NIST 800-53 controls for responsible IT systems.
Update System Security Plans semi‑annually and document changes.
Certify accuracy of continuous monitoring information for assigned systems.
Advise on architecture and configuration changes through established change and configuration management.
Evaluate software prior to production to identify and communicate potential risk.
Support internal and external audits and corrective action execution.
Evaluate and advise on privileged access requests for IT systems.
Develop and deliver artifacts required for Ongoing Authorization and the NIST Cybersecurity Framework.
Perform certification assessments including review of change requests, PPS, whitelist requests, self‑assessments, compliance statements, scans, STIG reviews, SSPs, evidence, artifacts, and on‑site results.
Attend weekly training and staff meetings to align with procedure updates.
Use government tooling including resourcing tools for on‑site reviews, eMASS for control reviews, RTS for actions, PPSM database, Whitelist Tool, DITPR, and RMF Knowledge Service.
Conduct security architecture reviews for STIG compliance and best practices and document analysis for risk recommendations.
Develop customized checklists based on architecture, specialized equipment, accredited deployment guides, and UC APL guidance.
Analyze POA&Ms and mitigation plans to determine residual risk and document statements of residual risk.
Conduct risk assessments of threats, vulnerabilities, and mission impact to inform countermeasures and residual risk.
Experience Requirements
At least 10 years performing or supporting ISSO responsibilities in a US Government environment.
At least 10 years working with NIST cybersecurity standards and best practices.
Demonstrated experience with FISMA, FedRAMP, and NIST Special Publications.
Hands‑on experience with RMF, NIST 800‑53 control implementation, continuous monitoring, and security assessment and authorization.
Proficiency with eMASS, PPSM, DITPR, Whitelist Tool, RTS, STIGs, and RMF Knowledge Service.
Experience conducting vulnerability assessments, POA&M analysis, risk assessments, and architecture reviews.
Experience supporting audits and generating authorization artifacts and evidence.
Ability to evaluate software risk and advise on change and configuration management processes.
Active Secret security clearance.
U.S. citizenship.
Education Requirements
Bachelor's degree in computer science, information systems, or a related field.
CISSP certification.
CISM certification.
CompTIA Security+ certification.
Language skills
- English