Mid-Level System Security Analyst

Minimum Job Requirements:

This role serves as a “hands-on” mid-level security analyst who will be responsible for interfacing with the security engineering, operations and build teams, assisting with the development and/or maintenance of various POAMs, input to System Security Plans (SSP) and associated documentation for multiple environments, gathering scan results, conducting analysis on scan results, providing recommendations for vulnerability remediation or mitigations and providing information on the current risk and vulnerabilities.  This position will assist with ongoing continuous monitoring activities on a daily, quarterly or annual basis.   Additionally, this role will assist with the security assessments (i.e. FedRAMP, FISMA, HIPAA, SOC, etc.), to include supporting collection of evidence.  A thorough understanding of vulnerability management (scans, assessment findings, deviation requests, etc.) in order to maintain a secure posture is required.

The Security Analyst will be responsible for Continuous Monitoring Support

 for the various environments; which may include development of the metrics / trends, analysis of scan results, assisting with the FedRAMP, FISMA, IRAP, etc authorization processes to include scan analysis and deviation requests, and briefing of status, as required.  This role serves as a mid level security analyst who assists with the continuous monitoring process, and can provide thoughtful recommendations on remediation / mitigation, as well as development of associated processes and procedures.  This role must communicate between security, engineering, development and operations teams as required, and be able to interpret and document the results of data gathering.  Key deliverables for success will be maintenance of various conmon activities (i.e. scan execution, review and analysis, POAM maintenance, etc.); ensuring processes and procedures are current and followed, and provides management with a status of the security posture of the environment.  

In Summary, this position needs to be able execute the following:

• Gather information, understand architecture diagrams and implementation of the scans configuration through interfacing with the security engineering, operations and build teams 
• Develop security documentation such as, but not limited to, conmon plans, procedures and processes, and standard operating procedures 
• Analysis various scans for application, operating system and containers, to include accuracy 
• Review and maintain POAM manually as well as via automated tools
• Maintain, via review and update, of all POAM inputs, including vendor and operational dependencies. 
• Understand the intent of the FedRAMP/FISMA security controls and communicate as needed
• Assist with the FedRAMP/StateRAMP or FISMA authorization to include, but not limited to, prep of ISSE and operations team through mock interviews, update/explanation of documentation and processes as required, and support FedRAMP PMO/Agency /CISO requests 
• Assist with ITAR/EAR, HIPAA, PCI DSS, ISO, SOC assessments to obtain/maintain certifications, as required

The general qualifications for a mid-level security analyst – conmon consists of:

• Experience with Cloud technologies, especially AWS, Azure, and/or Goggle Cloud
• Experience with FedRAMP and/or other authorization processes and NIST risk management framework
• Experience in developing, evaluating, and implementing information security architectures, technologies, standards, and practices to secure applications and IT systems, desirable
• Experience in vulnerability management to include analysis of App, O/S and Container scans 
• Development of security documentation such as conmon plans, policies, procedures, etc., based on NIST SP 800-53 security controls and FedRAMP CONMON.
• Flexible, self-motivated, and able to work independently and communications with other teams in a fast paced environment
• Excellent communication skills (oral and written) and the proven ability to work effectively with all levels of IT and business management. 
• Experience in writing or executing system security documentation, authorization to operate packages, POA&Ms, and policies.  
• Experience in reviewing/editing/writing technical documents
• Skill in preparing and making written and oral presentations of complex technical nature.
• Experience using ticketing systems such as JIRA
• Demonstrated ability to coordinate multiple tasks
• U.S. Person
• Professional industry certifications in area of expertise desired