Reporting to the Director of Operations, the Information Security Analyst will be on site as part of Foreground Security’s new SOC to facilitate the C&A process for a large federal customer.
- Ensuring that the system meets specific security guidelines to insure that production systems and applications are secure.
- Review and analysis of applications, systems, network and sites
- Preparing and socializing documentation and reports for the clients Operations department
- Attending and Representing the clients Operations department in all collaboration and security meetings.
- Achieving and maintaining a consensus within the clients environment involving all security related issues
- Responsible for signing off on packages prior to submittal to the validator
- Responsible for the facilitating and coordinating information assurance activities required to successfully complete the C&A package
- Responsible for Interim Approval to test (IATT), Interim authorization to operate (IATO), and Authorization to Operate (ATO) requirements for packages.
- Responsible for identifying security vulnerabilities and providing guidance on risk mitigation
- Responsible for providing highly technical and specialized guidance, and solutions to complex Security problems.
- Responsible for performing security documentation reviews
- Responsible for conducting general security controls reviews
- Responsible for assisting on C&A tasks as assigned by PM.
- Bachelor’s Degree
- PMP Preferred
- CISSP Preferred
- Proficient in Microsoft Project
- 6-10 yrs experience with Certification and Accreditation
- C&A documentation experience in Government
- Experience with the DIACAP process
- Knowledge of security / validation testing tools to include vulnerability scanners, Wireshark, and DISA STIGs, SRR, and DISA checklist
- Must have knowledge and experience with Federal Government regulations such as: FISMA and OMB Circular A-130 and familiarity with NIST Special Publications
- Knowledge of common controls in terms of C&A processes and streamlined application of such.
- Strong interpersonal skills and teamwork skills
- Strong requirements gathering, analysis and organization skills
- Strong technical writing and documentation skills
- Demonstrated understanding of Project Management principles and practices