Goldbelt
Senior Information Assurance Analyst
Goldbelt, Arlington, Virginia, United States, 22201
Overview
Goldbelt Nighthawk offers sound solutions in software development and both defensive and proactive cybersecurity. Nighthawk offers an integrated, holistic cybersecurity workforce that is enthusiastic, continuously learning, and progressive. The team is fully committed to implementing dynamic cybersecurity solutions that effectively address the needs of customers. Nighthawk's flexibility and expertise across the cybersecurity field provide customized solutions to our customers' unique needs.
Summary:
The Senior Information Assurance Analyst will support the Overseas Buildings Operations (OBO) Information System Security Officer (ISSO). The Senior Analyst will act as a subject matter expert (SME) for Federal Assessments & Authorizations (A&A) and provide sound advice and recommendations to lower risk and improve the overall defensive posture.
Responsibilities
Essential Job Functions:
- Assist in planning and preparation for security Assessment and Authorization (A&A) as part of the Department's Information Assurance policy and Federal Information Security Management Act (FISMA) implementation efforts
- Conduct risk assessments, vulnerability assessments, and system audits to identify potential security threats to OBO information systems. Provide recommendations to mitigate identified risks and ensure compliance with applicable regulations and standards.
- Provide support for and, where necessary, create security documentation for the required phases of the DOS A&A process in support of obtaining Authority to Operate (ATO) approvals of OBO systems
- Perform Security Impact Analysis (SIA) review of change requests and provide reporting requirements to system owners
- Update expired security controls in ArchAngel to support security findings and reporting
- Analyze and report on security findings identified during assessment
- Create Plan of Action & Milestones (POAMs) for identified security control findings
- Evaluate security control implementations for all OBO Systems boundaries on a yearly basis
- Perform other duties as assigned
Qualifications
Necessary Skills and Knowledge:
- Excellent communication and interpersonal skills.
- Ability to work collaboratively in a team environment and lead initiatives.
- Strong analytical and problem-solving skills.
Minimum Qualifications:
- Must possess a Bachelor's degree in cybersecurity, computer science, information technology, or related fields. An additional four (4) years of experience may be substituted for a degree.
- Minimum 7 years of experience in supporting Federal IT organizations in accomplishing Assessments and Accreditations.
- Must possess the ability to carry out procedures to ensure that all information systems, products, and services meet organization standards and end-user requirements.
- Must have experience in managing the inventory, categorization, selection, and monitoring of security controls for the information systems in preparation for the Assessment and Authorization process for new and existing systems.
- Experienced in implementing NIST guidance related to the Risk Management Framework and supporting Plan of Action and Milestone (POAMs) review.
- Must also have experience in conducting interviews with application and system developers to document system operations surrounding security controls.
- Minimum of eight (8) years of cybersecurity experience.
- US citizen
- Must have a Secret clearance
Preferred Qualifications:
Certifications: CISSP, CISM, CAP, or other relevant certifications are highly desired.
The salary range for this position is $150,000 to $175,000 annually.
Pay and Benefits
At Goldbelt, we value and reward our team's dedication and hard work. We provide a competitive base salary commensurate with your qualifications and experience. As an employee, you'll enjoy a comprehensive benefits package, including medical, dental, and vision insurance, a 401(k) plan with company matching, tax-deferred savings options, supplementary benefits, paid time off, and professional development opportunities.