Rapid Strategy
Cybersecurity Specialist Job at Rapid Strategy in Charlotte
Rapid Strategy, Charlotte, NC, United States, 28245
Position Summary
The Cybersecurity Specialist will play a critical role in evaluating, managing, and strengthening cybersecurity controls to ensure compliance with federal regulations, including NIST 800-53 v5 and NIST 800-37. The ideal candidate will have expertise in conducting security control assessments, supporting the Risk Management Framework (RMF) process, and managing the Security Assessment and Authorization (SA&A) lifecycle. This position requires extensive experience in federal government and financial services environments, with a deep understanding of FISMA compliance and privacy controls.
Key Responsibilities
- Perform detailed control assessments in accordance with NIST 800-53 v5 and NIST 800-37, ensuring compliance with FISMA requirements.
- Lead and manage the Security Assessment and Authorization (SA&A) process, including documentation, evidence collection, and validation of control effectiveness.
- Support the implementation and ongoing maintenance of the Risk Management Framework (RMF), ensuring all steps are completed accurately and on schedule.
- Evaluate and document security and privacy controls for federal government and financial services environments.
- Conduct system security assessments and develop artifacts such as System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms).
- Collaborate with cross-functional teams to identify and mitigate cybersecurity risks, providing recommendations for improving compliance and security posture.
- Analyze, report, and communicate assessment findings to stakeholders, including senior management and external auditors.
- Stay updated on evolving federal cybersecurity standards, frameworks, and best practices to ensure client systems remain compliant.
- Provide guidance on privacy requirements and their integration with security controls.
Required Experience and Skills:
- MUST BE A U.S. CITIZEN
- 5-7 years of experience performing cybersecurity control assessments, with expertise in federal government and financial services sectors.
- Deep knowledge of NIST 800-53 v5 and NIST 800-37, including control families, privacy controls, and compliance requirements.
- Experience with FISMA compliance and the ability to perform assessments in federal environments.
- Proven expertise in the Risk Management Framework (RMF) process and SA&A lifecycle, including the development of security artifacts.
- Familiarity with privacy regulations and their implementation within security programs.
- Strong understanding of security assessment tools, methodologies, and reporting.
- Exceptional analytical, documentation, and communication skills, with the ability to present complex findings clearly to stakeholders.
- Bachelor's degree in Cybersecurity, Information Technology, or related field.
- Certifications such as CISSP, CISM, CAP, or CRISC.
- Experience working with financial services regulatory frameworks, such as PCI-DSS, SOX, or GLBA.
- Familiarity with vulnerability management tools and techniques.