Omniscius Consulting
Cybersecurity Analyst
Omniscius Consulting, Schenectady, New York, United States, 12309
Our client is seeking a Cybersecurity Analyst to join our team supporting a federal contract in Schenectady, NY.
The analyst will be responsible for execution of all aspects of the National Institute of Standards and Technology (NIST) directives to support the Risk Management Framework (RMF). This includes assisting information system owners with development of System Security Plans (SSPs) and Security Assessment Reports (SARs) using the existing RSA Archer application on the internal network to support information system authorization.
Additionally, the analyst will assist in the development of Plans of Action and Milestones (POA&Ms) and Risk Based Decisions (RBDs) for deficiencies found during the information system authorization process.
Required Qualifications:
- Active DOE Q Clearance
- At least four years of combined experience in the following roles: security control validator, security control assessor, Information System Security Officer (ISSO), or Information System Security Manager (ISSM)
- At least two years of experience supporting development of information system security authorization packages in accordance with Risk Management Framework (NIST 800-37, 800-53, 800-53a)
- At least two years of experience working with Federal Risk and Authorization Management Program (FedRAMP)
- Security+ Certification
Preferred Qualifications:
- Experience with the RSA Archer application
- At least two years of experience working on IT security project teams
- At least one year of experience managing IT projects
- Knowledge of IT infrastructure and services (Data Centers, physical and virtual servers, local and wide area networking components, cloud Infrastructure/Platform/Software as a Service, etc.)
- Knowledge of security policies such as NIST Special Publications, Security Technical Implementation Guides (STIGs), DOD Cloud Computing Security Resource Guide (SRG)
- Knowledge of infrastructure security, endpoint protection, vulnerability management tools
- Previous work authorizing information systems within a classified DoE or DoD environment
- Familiarity with NIST 800-171
- Certified Information Systems Security Professional (CISSP) certification
- Certificate of Cloud Security Knowledge (CCSK) certification
Education/Experience:
A minimum of four (4) years' relevant experience is required. A combination of education and experience will be considered.
Security Clearance:
Active DOE Q Clearance is required.