Information Security Analyst
Global Alliant Inc. is seeking an Information Security Analyst to join our team supporting a federal government agency. Primary job responsibilities include:
• Evaluate, maintain, and communicate the risk posture of FISMA systems to the government ISSO, Business Owner, and team.
• Possess knowledge and experience in all areas of the Risk Management Framework.
• Support the stakeholders in ensuring that all requirements specified by the acceptable risk safeguards (ARS) and the procedures and standards of the RMH are implemented and enforced.
• Ensure information security and privacy testing is performed throughout the SDLC as appropriate and results are considered during the development phase of the SDLC.
• Develop security and privacy artifacts required for annual system assessment.
• Monitor system security posture by reviewing all proposed information security and privacy artifacts to provide recommendations to the ISSO.
• Work with the development team to close any POAMs.
• Determine the privacy impacts and manage information security and privacy risk.
• Coordinate and lead contingency tabletop exercises, penetration tests, and annual system assessment interviews.
5+ years of professional experience supporting information security/assurance programs, policies, processes, and procedures per various security frameworks/laws/standards/directives, e.g.: FISMA; OMB directives; Presidential Directives; NIST (SP-800 series; FIPS); HIPAA of 1996; Privacy Act
If you are interested in applying for this position, please reach out to me at [email protected]
• Comprehensive knowledge of FISMA, HIPAA, and the Privacy Act of 1974
• Knowledge of the NIST SP 800 series documents
• Knowledge of the 800-53 security control requirements and standard methods for implementing them
• Practical knowledge of IT System contingency planning
• Understanding of risk assessment and risk management concepts
• Good understanding of continuous monitoring and continuous authorization concepts
• Good understanding of protection of PII and PIA concepts
• Expert use of MS Office, especially Word, PowerPoint and Outlook
• Ability to articulate technical concepts, especially in the review process
• Excellent communication skills
• CISSP, CISM, CAP preferred