Title: Information Assurance Analyst (ASAR)
Location: Remote, United States
Onsite Flexibility: 100% Remote
Information Assurance Analyst with NIST/RMF/GRC tool experience. Must have experience providing clients with security requirement recommendations.
Required Education Level: Bachelors
Required Degree: Computer Science, Engineering, Math, or equivalent
Required Years Experience: 5
Substitution Criteria: 8 years of additional relevant experience may be substituted for education
Location: Remote
Core Hours: 9a-3p ET
As a Triage deployed Information Assurance Analyst on our team, you'll use your experience to work with government clients to develop, review, and route security service requests for specialized devices/systems (e.g., medical, research, telehealth, Internet of Things). Liaise between deployed field personnel responsible for onsite support for specialized devices/systems and our enterprise cybersecurity team. Identify security service request process gaps. Develop, recommend, and implement security service request process improvements. This is your opportunity to act as an information security subject matter expert where you will broaden your skills in Risk Management Framework and NIST Security and Privacy controls. This position is open to remote delivery anywhere within the U.S., to include the District of Columbia.
You Have
Experience with NIST special publications and FIPS
Experience with information security and assurance principles, including the NIST Cybersecurity Framework and RMF process
Experience with assessing NIST security and privacy controls and developing and maintaining Plans of Action and Milestones (POA&Ms)
Experience with Governance Risk Compliance (GRC) tools (e.g., eMASS or RiskVision)
Experience with providing guidance for the NIST security and privacy controls and for providing sufficient documentation and artifacts for each control in a GRC tool
Experience in reviewing security requirements, recommending a mitigation strategy for deficiencies, and working directly with clients to provide solutions and education
Ability to obtain and maintain a Public Trust or Suitability/Fitness determination based on client requirements
Bachelor's degree in Computer Science, Math or equivalent is required and 5 years of experience or a total of 13 years of relevant experience in lieu of education
Nice If You Have
Experience with Privacy and Security control implementation, testing and assessment, and POAM management
Experience with hands-on and in-depth security service request routing
Experience with using data analytical tools
Experience with the VA
Experience with IoT and/or Medical Device Cybersecurity
Experience with ServiceNow
Experience with eMASS
Experience with scanning tools
Experience with creating formulas and data analysis in Excel
Possession of excellent customer service and organization skills
Possession of excellent verbal and written communication skills
Public Trust
CAP, CISSP, CISM, PMP, or CCSK Certification