Security Compliance Analyst, Tential, Rockville, MD
Tential -
Rockville, MD,
US
Security Compliance Analyst
Date Posted: 2024-05-26
Job description
Responsibilities (overall and day-to-day):
As a Security Compliance Analyst, you will be joining a team performing security assessments and providing consulting support to assist clients in meeting FISMA and FedRAMP requirements. The ideal candidate will have a firm understanding of how to apply the principles of Information Security in a variety of circumstances and expertise translating the NIST 800-53 guidelines into common technical implementations.
#LI-WB
#Dice
As a Security Compliance Analyst, you will be joining a team performing security assessments and providing consulting support to assist clients in meeting FISMA and FedRAMP requirements. The ideal candidate will have a firm understanding of how to apply the principles of Information Security in a variety of circumstances and expertise translating the NIST 800-53 guidelines into common technical implementations.
- Develop Security Authorization Packages that are compliant with FISMA/FedRAMP requirements. Package components include: System Security Plans, Contingency Plans, Configuration Management Plans, Incident Response Plans, Privacy Impact Assessments, and Plan of Action and Milestones (POA&M)
- Assist in the review and analysis of Security Authorization Packages for completeness and compliance with FISMA/FedRAMP requirements
- Demonstrate ability to lead compliance and assessments projects through the project lifecycle from initiation to project closure
- Lead working sessions with client and audit team to ensure expectations and direction are aligned and timelines are being met
- Collaborate across multiple internal teams to ensure successful delivery of artifacts and closure of audit field work
- Provide review and analysis of vulnerability scan results from tools such as Nessus, Qualys, AppDetective, WebInspect, IBM AppScan, Burp Suite, etc.
- Build a customer-focused relationship with client(s)
- Experience reviewing and updating policies, standards, and procedures to ensure they are up to date and reflect current practices
- Demonstrate familiarity with FISMA and NIST 800 series guidelines (800-30, 800-37, 800-53 and 53A, 800-60, etc.)
- SOC2
- RegSCI
- PCI-DSS
- Splunk
- CISSP/CEH/AWS certs/CASP/Security + certification or equivalent highly desired
- Bachelor's Degree (preferably in Information Technology or Cyber Security) or equivalent work experience
- FedRAMP experience HIGHLY preferred
- Must be a US citizen
#LI-WB
#Dice