Security Analyst (FISMA standards, NIST 800-53, POA&M, CAP, GRC processes) - MVP Consulting Plus : Job Details

SC-10226-1Daily duties / responsibilities:This implementation assistance would include, but is not limited to:

• Reviewing assessment findings and deficiencies for accuracy, completeness, and validity
• Developing and tracking finding remediation plans and recommendations for risk management alternatives
• Providing process improvement recommendations and documentation to support the process improvements
• Documenting information gathered during both interviews and document reviews to assist with developing formal processes and procedures
• Assessing agency documentation to ensure adequate approaches are used to comply with controls
• Facilitating agency status reporting
• Collaborating, often onsite at agency locations, with agencies to provide recommendations for compliance

• Have conducted audit and assessment activities related to industry or government compliance requirements
• Have completed an information security plan or system security plan workbook
• Prior experience working with FISMA standards
• Must have a strong working knowledge of NIST 800-53
• Prior experience POA&M or CAP
• Strong communication (written and verbal) experience
• Experience with GRC processes
• Simultaneously manage multiple infosec work efforts
• Strong schedule management and resource planning skills
• Ability to work at a high-volume and fast pace
• Strong collaborator and ability to meet deadlines
• Knowledge of IRS 1075, HIPAA, CJIS, mars-e, and/or PCI-DSS
• Ability to identify, map, and reengineer business processes

• 6+ years of experience in information security and compliance
• Certifications: CISA or CISSP or CISM or GSLC or equivalent