Apply on Employer Site

Appian · 1 week ago

Principal Security Analyst (Top Secret)

McLean, VA

Full-time

Onsite

Senior Level, Lead/Staff

5+ years exp

Appian is a software company that automates business processes, and they are seeking a Principal GRC Security Analyst to advise federal customers on secure Appian-based solutions. This role involves managing the RMF processes, leading ATO and FedRAMP authorizations, and mentoring junior analysts while collaborating with customers to implement cybersecurity strategies.

Business Process Automation (BPA)Data ManagementDeveloper ToolsEnterprise SoftwareInsurTechRobotic Process Automation (RPA)Software

Comp. & Benefits

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Leading and Applying RMF Processes: Independently manage and execute the RMF steps, including system categorization, security control selection, implementation guidance, assessment support, authorization package development, and continuous monitoring for Appian-based solutions

Driving ATO and FedRAMP Authorization: Take ownership of the preparation and management of Authorization to Operate (ATO) packages and lead the FedRAMP authorization process for federal customers, ensuring compliance with federal security standards

Designing Secure Solutions: Architect secure end-to-end solutions for federal customers leveraging cloud platforms like AWS and Microsoft Azure, applying security best practices and federal requirements

Mentoring Junior Analysts: Provide guidance and mentorship to junior security analysts, sharing your knowledge and experience in GRC and cybersecurity

Collaborating with Customers and Internal Teams: Partner directly with federal customers and Appian’s Customer Success team to understand their security requirements and provide expert guidance on implementing cybersecurity strategies . Collaborate with senior cyber advisors to refine security approaches

Contributing to Security Authorization Strategies: Play a significant role in developing and implementing comprehensive cybersecurity strategies for Appian deployments within federal environment

Maintaining Knowledge of Federal Policies: Stay current with the latest federal cybersecurity policies, standards (including FedRAMP), and best practices to ensure ongoing compliance and effective security authorization support

Contributing to System Security Packages (SSPs): Lead the development and maintenance of System Security Packages (SSPs) in accordance with RMF requirements

Qualification

NIST Risk Management FrameworkAuthorization to OperateAmazon Web ServicesMicrosoft AzureSystem Security PackagesGRC principlesPassion for cybersecurityCommunication skillsMentoring

Required

Bachelor's degree in any Engineering discipline, Computer Science, Mathematics, Information Technology, or similar work

An Active Government Clearance (Top Secret and above, without any limitations) is required

Ability and interest to maintain an Active TS:SCI Clearance (CI or FSP), with the ability and willingness to perform work within cleared facilities (SCIF work is required)

Approximately 5+ years of experience as an IT systems administrator building, maintaining, scripting, patching, & managing hosts, databases, and interconnected Cloud services with significant experience in a security-focused role and a strong understanding of GRC principles

Demonstrated experience in navigating the NIST Risk Management Framework (RMF) and Authority to Operate (ATO) processes

Proven ability to contribute to the development of System Security Packages (SSPs)

Experience with cloud platforms such as Amazon Web Services (AWS) and Microsoft Azure, with a focus on security best practices for cloud environments

Passion for cybersecurity and a strong desire to architect secure solutions for federal customers

Strong communication and interpersonal skills, with the ability to effectively advise and guide customers