What are the responsibilities and job description for the Information Security Analyst position at Software Guidance & Assistance?
Job Details
Software Guidance & Assistance, Inc., (SGA), is searching for an Information Security Analyst for a Contract assignment with one of our premier Regulatory clients in Rockville, MD or Tyson, VA.
This role is hybrid (3 days onsite) - needs to be in the DMV area
As a Security Consultant, you will be joining a team performing security assessments and providing consulting support to assist clients in meeting FISMA and FedRAMP requirements. The ideal candidate will have a firm understanding of how to apply the principles of Information Security in a variety of circumstances and expertise translating the NIST 800-53 guidelines into common technical implementations.
Responsibilities :
Develop Security Authorization Packages that are compliant with FISMA/FedRAMP requirements under the supervision of senior staff members. Package components include: System Security Plans, Contingency Plans, Configuration Management Plans, Incident Response Plans, Privacy Impact Assessments, Security Assessment Plans, and Security Assessment Reports.
Assist in the review and analysis of Security Authorization Packages for completeness and compliance with FISMA/FedRAMP requirements.
Experience with SOCS2, PCI-DSS or RegSCI preferred
Participate in client interviews to complete Security Authorization Packages and Security Assessments.
Ensure existing systems Security Authorization Packages remain up to date throughout the life cycle.
Provide review and analysis of vulnerability scan results from tools such as SentileOne, Qualys, AppDetective, WebInspect, IBM AppScan, Burp Suite, etc.
Build a customer-focused relationship with client(s).
Collaborate across multiple internal teams to ensure successful delivery of results based on scope of work.
Establish standards and procedures to minimize risks.
Drive working sessions with client to ensure expectations and direction are aligned and timelines are being met.
Demonstrate ability to lead projects through the project lifecycle from initiation to project closure.
Required Skills:
Certifications: CISSP, CEH, CAP, Security , GSEC, CCNA, CCNP, AWS certs, CASP, etc.
Demonstrate familiarity with FISMA and NIST 800 series guidelines (800-30, 800-37, 800-53 and 53A, 800-60, etc.)
Excellent communication skills, both written and verbal with strong presentation skills. (must present to customers)
FEDRAMP experience HIGHLY preferred
3-5 years experience for Junior MidLevel
Preferred Skills:
Experience with the newest technologies (Cloud, AI, Splunk, Service Now, etc.)
SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at .
SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company to request an accommodation or assistance regarding our policy.
This role is hybrid (3 days onsite) - needs to be in the DMV area
As a Security Consultant, you will be joining a team performing security assessments and providing consulting support to assist clients in meeting FISMA and FedRAMP requirements. The ideal candidate will have a firm understanding of how to apply the principles of Information Security in a variety of circumstances and expertise translating the NIST 800-53 guidelines into common technical implementations.
Responsibilities :
Develop Security Authorization Packages that are compliant with FISMA/FedRAMP requirements under the supervision of senior staff members. Package components include: System Security Plans, Contingency Plans, Configuration Management Plans, Incident Response Plans, Privacy Impact Assessments, Security Assessment Plans, and Security Assessment Reports.
Assist in the review and analysis of Security Authorization Packages for completeness and compliance with FISMA/FedRAMP requirements.
Experience with SOCS2, PCI-DSS or RegSCI preferred
Participate in client interviews to complete Security Authorization Packages and Security Assessments.
Ensure existing systems Security Authorization Packages remain up to date throughout the life cycle.
Provide review and analysis of vulnerability scan results from tools such as SentileOne, Qualys, AppDetective, WebInspect, IBM AppScan, Burp Suite, etc.
Build a customer-focused relationship with client(s).
Collaborate across multiple internal teams to ensure successful delivery of results based on scope of work.
Establish standards and procedures to minimize risks.
Drive working sessions with client to ensure expectations and direction are aligned and timelines are being met.
Demonstrate ability to lead projects through the project lifecycle from initiation to project closure.
Required Skills:
Certifications: CISSP, CEH, CAP, Security , GSEC, CCNA, CCNP, AWS certs, CASP, etc.
Demonstrate familiarity with FISMA and NIST 800 series guidelines (800-30, 800-37, 800-53 and 53A, 800-60, etc.)
Excellent communication skills, both written and verbal with strong presentation skills. (must present to customers)
FEDRAMP experience HIGHLY preferred
3-5 years experience for Junior MidLevel
Preferred Skills:
Experience with the newest technologies (Cloud, AI, Splunk, Service Now, etc.)
SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at .
SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company to request an accommodation or assistance regarding our policy.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.