Senior Security Analyst (A&A)/Assessor - NIST @ ITC Federal | Jobright.ai
JOBSarrow
RecommendedLiked
0
Applied
0
External
0
Senior Security Analyst (A&A)/Assessor - NIST jobs in Gaithersburg, MD
Be an early applicantLess than 25 applicants
company-logo

ITC Federal ยท 5 hours ago

Senior Security Analyst (A&A)/Assessor - NIST

positionGaithersburg, MD
timeFull-time
remoteRemote
senioritySenior Level
date5+ years exp
ftfMaximize your interview chances
Information TechnologySecurity
check
Work & Life BalancebadNo H1BnoteSecurity Clearance Requirednote

Insider Connection @ITC Federal

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Conducting A&A activities for NIST systems working individually or as part of a team.
Work with NIST staff to provide technical and policy driven solutions to remediate or mitigate identified risks.
Support system personnel with remediation plans for A&A findings.
Provide guidance to Information System Security Officers (ISSO) on system documentation.
Coordinate/conduct vulnerability scans and analyze results.
Complete Security Assessment Reports involving both technical and policy related aspects of the assessment.
Review and update A&A packages based on management feedback.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

NIST 800 SeriesRisk Management FrameworkSecurity Assessment ReportsCISSPCISMCISAVulnerability AssessmentIT security policiesAWSAzureCOTS security toolsRSA ArcherCSAMTenableWebInspectAppDetectiveTechnical writing

Required

5 - 8 years of experience implementing the NIST 800 Series Special Publications.
Demonstrable experience conducting IT assessor activities based on the NIST Risk Management Framework, to include the interviewing, examining and testing of related control sets; the review and/or updates of core system documents- System Security Plans, Contingency Plans, Privacy Threshold Assessments, hardware and software inventories, and system diagrams.
Performing Security Test and Evaluation and developing Security Assessment Reports for NIST senior management.
Delivering risk and vulnerability briefings confidently to management and government customers.
Experience working with vulnerability data, writing Assessment Reports, POA&Ms and Risk Acceptance justifications.
Knowledge of the formation and implementation of IT security policies to ensure confidentiality, integrity and availability of information systems.
Strong technical oral, writing and customer service skills as you will regularly interact with NIST colleagues and senior managers.
Ability to successfully pass a National Agency Check with Local Agency Check (NACLC)

Preferred

Prior federal or GOVCON experience
Cloud Experience (AWS or Azure)
Active Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA) or comparable certification
Advanced Degree in computer science or related field or related experience
Direct experience with NIST or other academic environments.
Expertise with COTS based security tools (i.e. RSA Archer, CSAM, Tenable, WebInspect, AppDetective) used to establish security baselines and assess continuing compliance.

Benefits

Health
Dental and Vision
401(k)
Flexible Spending Account (FSA)
11 Paid Federal Holidays
PTO
Education reimbursement

Company

ITC Federal

twittertwitter
company-logo
Integrity is at the core of everything we do at ITC Federal.
dateFounded in 2006
location
Alexandria, Virginia, USA
people-size501-1000 employees
web-link
http://itcoalition.com

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Janet Hanofee, SPHR
Chief Human Resources Officer
linkedin
Company data provided by crunchbase
logo

Orion

Your AI Copilot