Information System Security Analyst For Americans

Remote – Full-time Opportunity

$110,000 – $125,000/year + Benefits

We are looking for an Information System Security analyst to join our team supporting a federal government agency.

Primary job responsibilities include:

• Evaluate, maintain, and communicate the risk posture of FISMA systems to government ISSO, Business Owner and team.
• Possess knowledge and experience in all areas of the Risk Management Framework.
• Support the stakeholders in ensuring that all requirements specified by the acceptable risk safeguards (ARS) and the procedures and standards of the RMH are implemented and enforced.
• Ensure information security and privacy testing is performed throughout the SDLC as appropriate and results are considered during the development phase of the SDLC.
• Develop security and privacy artifacts required for annual system assessment.
• Monitor system security posture by reviewing all proposed information security and privacy artifacts to provide recommendations to the ISSO.
• Work with the development team to close any POAMs.
• Determine the privacy impacts and manage information security and privacy risk.
• Coordinate and lead contingency tabletop exercises, penetration tests, and annual system assessment interviews.

Requirements:

• 5+ years of professional experience supporting information security/assurance programs, policies, processes, and procedures per various security frameworks/laws/standards/directives, e.g.: FISMA; OMB directives; Presidential Directives; NIST (SP-800 series; FIPS); HIPAA of 1996; Privacy Act
• Comprehensive knowledge of the FISMA, HIPAA laws and Privacy Act of 1974.
• Knowledge of the NIST SP 800 series documents.
• Knowledge of the 800-53 security control requirements and standard methods for implementing them.
• Practical knowledge of IT System contingency planning.
• Understanding of risk assessment and risk management concepts.
• Good understanding of continuous monitoring and continuous authorization concepts.
• Good understanding of protection of PII and PIA concepts.
• Expert use of MS Office, especially Word, PowerPoint, and Outlook.
• Ability to articulate technical concepts, especially in the review process.
• Excellent communication skills.
• CISSP, CISM preferred.
• Centers for Medicare and Medicaid (CMS) experience preferred.