Knowledge Services · 5 hours ago

Senior Information Security Analyst

United States

Full-time

Remote

Mid, Senior Level

3+ years exp

Maximize your interview chances

Cloud ManagementConsulting

Actively Hiring

No H1B

Hiring Manager

Matthew Flynn

Insider Connection @Knowledge Services

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

This position is responsible for ensuring that security measures align with the stringent requirements set forth by StateRAMP and the implementation of security technologies across CSP solutions that meet the NIST SP 800-53 framework.

This involves conducting thorough assessments of CSP ‘s system security product for StateRAMP authorization, analyzing and reporting on CSP’s continuous monitoring, and evaluating products in StateRAMP Security Snapshot program.

Additionally, the position will analyze reports for areas of risk and deficiencies, assess security vulnerabilities, make recommendations for improvements, and report compliance gaps that could jeopardize data integrity and confidentiality.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Information Security ComplianceNIST SP 800-53Security CertificationsVulnerability ManagementStateRAMPIRS 1075MARS-E 2.0FERPANERCSOC 2ISO 27001FedRAMPAWSAzureGoogle CloudAgile MethodologyIncident DetectionVulnerability ScanningSystem AdministrationNetwork MonitoringEndpoint SecurityVulnerability RemediationEvent AnalysisFirewall ManagementTechnical Writing

Required

Bachelor’s degree in computer science, information technology, information assurance, cybersecurity, or related field.

In lieu of a degree, consideration will be given to an equivalent combination of related education and work experience.

3-5 years of prior experience in information security compliance, information security auditing, vulnerability management, and/or information security with a focus on NIST SP 800-53.

Detailed knowledge of security and privacy standards and best practices, including current NIST Special Publication 800 series (800-53, 800-137, 800-145).

Demonstrate excellent communication skills and the ability to drive reporting and security assessment activities.

One or more of the following security certifications (or other relevant security certifications/experience): CRISC, CISA, SSCP, CCSP, GCLD, GCIH, Associate of (ISC)2, CompTIA Security+, Certified Ethical Hacker.

US Citizenship

Preferred

Experience with one or more of the compliance areas: IRS 1075, MARS-E 2.0, FERPA, NERC, SOC 2, ISO 27001.

Experience with StateRAMP or FedRAMP.

Understanding of major CSPs (AWS, Azure, Google).

Understanding of Agile framework/methodology.

Experience in any of the following areas: Incident detection, technical writing, vulnerability scanning, system administration, network monitoring, endpoint security, vulnerability remediation, event analysis/investigation, firewall configuration/management.