Progression, Inc.
Cyber - Information Assurance Analyst
Progression, Inc., Fairfax, Virginia, United States, 22032
IA AnalystFairfax, VA
MUST:Active Public Trust RequiredExperienced Information Security Analyst5+ years applying, selecting and testing the NIST 800-53 Rev 4 security controls.5+ years in-depth knowledge of NIST 800-37 Risk Management Framework.5+ years experience with a Governance, Risk and Compliance tool (e.g., Xacta, RSA Archer, CSAM or eMASS).Intermediate level cybersecurity certification (e.g., CompTIA Security+, ISC2 CGRC)
desiredIn-depth knowledge of applying, selecting and testing the NIST 800-53 Rev 5 security controls
desiredExcellent attention to detail.Strong data analysis skills.Excellent written and verbal communication skills.bility to handle and prioritize multiple tasks and deadlines.Possible travel to DC Client site/Prime office for badging/equipment.Bachelor's degree in Information Technology or related field and 5 years of relevant IA experience. May substitute security certification (e.g. CISSP) for 2 years of experience.
DUTIES:dvising stakeholders on InfoSec initiatives including compliance, awareness and training, and security operations.Leading Independent Validation and Verification (IV&V) efforts on security authorization/ATO packages to ensure compliance to agency requirements.Leveraging the existing Governance, Risk, and Compliance (GRC) tool, Telos Xacta (or an alternate like CSAM or RSA Archer), to track and reconcile findings from assessments, audits, and vulnerability scans.Coordinating government data calls (FISMA, FMFIA, BDR, etc.) and monthly reports.ssessing the effectiveness of the InfoSec and privacy training program and leading the collection, analyzing, and presentation of enterprise-level InfoSec performance metrics.Managing InfoSec Program POA&Ms, including advising on remediation efforts.Providing administrative support to Xacta (or equivalent GRC tool) users and authoring operational procedures.Working closely with senior agency security officials, system owners, information system security officers (ISSOs) and other stakeholders to advise and implement security solutions.Identifying opportunities for efficiencies in work process and innovative approaches.Participating in team problem solving efforts and offer ideas to solve client issues.Preparing and assisting in the development of policy and procedures.Conducting relevant research, data analysis, and developing reports.Preparing and assisting in the development of policy and procedures for program-level management and promoting consistency in program management best practices.Implementing processes and procedures to monitor risk across programs / projects. Preparing briefings to executive team to debrief the results of studies, analyses, and plansProgression Inn. is an affirmative action/equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, status as a protected veteran, or status as an individual with a disability. #indpro
MUST:Active Public Trust RequiredExperienced Information Security Analyst5+ years applying, selecting and testing the NIST 800-53 Rev 4 security controls.5+ years in-depth knowledge of NIST 800-37 Risk Management Framework.5+ years experience with a Governance, Risk and Compliance tool (e.g., Xacta, RSA Archer, CSAM or eMASS).Intermediate level cybersecurity certification (e.g., CompTIA Security+, ISC2 CGRC)
desiredIn-depth knowledge of applying, selecting and testing the NIST 800-53 Rev 5 security controls
desiredExcellent attention to detail.Strong data analysis skills.Excellent written and verbal communication skills.bility to handle and prioritize multiple tasks and deadlines.Possible travel to DC Client site/Prime office for badging/equipment.Bachelor's degree in Information Technology or related field and 5 years of relevant IA experience. May substitute security certification (e.g. CISSP) for 2 years of experience.
DUTIES:dvising stakeholders on InfoSec initiatives including compliance, awareness and training, and security operations.Leading Independent Validation and Verification (IV&V) efforts on security authorization/ATO packages to ensure compliance to agency requirements.Leveraging the existing Governance, Risk, and Compliance (GRC) tool, Telos Xacta (or an alternate like CSAM or RSA Archer), to track and reconcile findings from assessments, audits, and vulnerability scans.Coordinating government data calls (FISMA, FMFIA, BDR, etc.) and monthly reports.ssessing the effectiveness of the InfoSec and privacy training program and leading the collection, analyzing, and presentation of enterprise-level InfoSec performance metrics.Managing InfoSec Program POA&Ms, including advising on remediation efforts.Providing administrative support to Xacta (or equivalent GRC tool) users and authoring operational procedures.Working closely with senior agency security officials, system owners, information system security officers (ISSOs) and other stakeholders to advise and implement security solutions.Identifying opportunities for efficiencies in work process and innovative approaches.Participating in team problem solving efforts and offer ideas to solve client issues.Preparing and assisting in the development of policy and procedures.Conducting relevant research, data analysis, and developing reports.Preparing and assisting in the development of policy and procedures for program-level management and promoting consistency in program management best practices.Implementing processes and procedures to monitor risk across programs / projects. Preparing briefings to executive team to debrief the results of studies, analyses, and plansProgression Inn. is an affirmative action/equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, status as a protected veteran, or status as an individual with a disability. #indpro