What are the responsibilities and job description for the Information Assurance Analyst position at Digital Global Connectors?
Information Assurance Analyst
Citizenship Required: U.S. Citizenship
Clearance: Public Trust
Job Duration: Full Time
Site: Washington D.C. Metro Area (Bethesda, MD) (Hybrid)
Overview: We are seeking an Information Assurance and Cybersecurity Analyst to monitor and administer Information Security systems, processes, and procedures to protect and maintain the confidentiality, integrity, and availability of all data and information systems and network environments. This position will work closely with other teams, vendors, and partners to secure all aspects of data flow, system controls, and operational procedures with a focus on FISMA/RMF-related data and controls.
Responsibilities:
· Develop NIST/FISMA ATO/SA&A documentation for systems and networks undergoing certification and validate the quality of deliverables produced by the team.
· Support Assessment and Authorization (A&A) efforts for agency systems, including those deployed in cloud environments (AWS, Azure, O365).
· Assess risks, identify mitigation requirements, and develop accreditation recommendations; responsibilities include tracking SA&A requirements for assigned systems within the agency and validating that tasks are on schedule, ensuring delivery of quality documentation.
· Perform quality control reviews of Privacy Threshold Assessments (PTAs) and Privacy Impact Assessments (PIAs) to ensure accuracy, compliance, and adherence to privacy standards.
· Review and edit draft security artifacts as assigned to ensure compliance with SA&A and FISMA.
· Coordinate quality-control activities required to ensure the accuracy and adequacy of each deliverable, including in-process and final reviews, editing for compliance with all applicable specifications and standards, validation, and change verification.
· Coordinate, develop, and evaluate security programs for the organization. Recommend information assurance/security solutions to support customers’ requirements.
· Create Standard Operating Procedure (SOP) documentation.
· Identify, report, and resolve security violations.
· Establish and satisfy information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.
· Perform vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.
· Determine enterprise information assurance and security standards.
· Develop and implement information assurance/security standards and procedures.
· Contribute to industry and governmental bodies.
· Actively participate in client discussions, meetings, and business development opportunities.
· Assist the Program Manager with preparation of status reports and briefings.
Required Qualifications:
· Bachelor’s degree in Cybersecurity, Information Technology, or a related field.
· CISSP, CAP, CISM, CCSP, and/or other related certifications.
· 3 years of experience in Information Assurance and SA&A.
· Proven experience in developing NIST/FISMA ATO documentation and supporting cloud-based A&A efforts.
· Knowledge of risk management frameworks, vulnerability assessments, and security risk analysis.
· Knowledge of federal security standards (NIST, FISMA, FedRAMP, ISO 27001, etc.).
· Proven ability to develop, review, and edit technical documentation, including A&A documentation, security artifacts, and status reports.