ISSO/Cyber Security Assessment and Authorization Analyst

ISSO/Cyber Security Assessment and Authorization Analyst

Rockville, MD - Face to Face Interviews

12 Months

Applicants selected will be subject to a Public Trust background security investigation and may need to meet eligibility requirements for access to sensitive information.

Responsibilities

• Support a client as an assessment and authorization (A&A) analyst, including A&A efforts for various agency systems.
• Maintain responsibility for supporting federal clients obtaining the authority to operate (ATO) for new and modernized systems.
• Adhere to the NIST Risk Management Framework (RMF) to support the A&A process, including analyzing the development of supporting policies, procedures, and plans, designing and
• implementing security controls, testing and validating security controls, and analyzing and tracking corrective action plans.
• Ensure all supporting artifacts and results will be documented in the A&A repository
• Performing security controls assessments on security boundaries and producing required security documentation.
• Experience with NIST special publications (SPs) regarding the SA process, including SP 800-53, SP 800-137, and SP 800-37.
• Experience with continuous monitoring and plans of action and milestones (POA&M) management.
• Experience with assessing systems deployed in Cloud Environments.

Job Requirements

• BA or BS degree in MIS, CS, or related cybersecurity discipline (Masters preferred).
• 5 years of experience with assessment and accreditation (A&A).
• 5 years of experience as a security control assessor or validator.
• 5 years of experience with maintaining IT security policies, processes, and guidance.
• Experience with using GRC tool CSAM
• Experience with A&A of cloud-plaforms