GovernmentCIO

  • Security Analyst

    Job Locations US-Remote
    Posted Date 3 weeks ago(7/30/2018 10:57 AM)
    Job ID
    2018-1408
    # of Openings
    1
    Category
    Information Technology
  • Overview

    GovernmentCIO is looking for a Security Analyst to join our team. The role is part of the Genomic Information System for Integrated Science (GENSIS) project at the VA Medical Center in Boston, MA.  The Security Analyst shall be responsible for completing and maintaining documentation such as the system security plan, security risk assessment, security control assessment activities, and continuous monitoring in a Cloud environment. Security documentation will be required to achieve and maintain system Authorization-to-Operate (ATO).

    Responsibilities

    The Security Analyst will:

    • Conduct Assessment and Authorization (A&A) and perform all continuous monitoring functions and assist in maintaining Systems Authorization to Operate (ATO).
    • Security responsibilities include developing and maintaining system SSP, ISCP, IR Plan, CM Plans, Audit Plans, and ATO package documentation requirements
    • Oversight and development of POA&Ms as part of the Assessment and Accreditation
    • Work with the Clients Office of Information Security team and stakeholders to identify, document, and evaluate the status system security controls
    • Use security configuration management tools and reports to identify risks and track findings against Federal security policies and guidelines for mitigation planning and remediation
    • Perform annual control reviews as part of continuous monitoring to identify new risks, track findings against Federal security policies and guidelines, managing Plan-of-Action and Milestone (POAM) to closure and mitigation planning and remediation of controls in the Cloud environment.

     

    Qualifications

     

    Required:

    • Bachelors Degree
    • 5+ Years of Experience
    • Security compliance experience (NIST 800-53 and applicable special publications, FISMA, FedRAMP)
    • Risk management framework experience (e.g. NIST 800-30)
    • Working knowledge of the VA’s VIP Agile development process
    • Working knowledge of Rational tools
    • Analytical and investigation skills
    • Ability to work independently with minimal guidance and supervision

    Preferred:

    • Experience with VA’s VIP Agile process for building Agile software specifically experience in build planning, sprint execution, testing, release planning, deployment, and post deployment support.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed