Experience Inc. Jobs

Job Information

RightDirection Technology Solutions LLC Sr. Cybersecurity Analyst - Cleared in Fully Remote • Washington, District Of Columbia

Sr. Cybersecurity Analyst - Cleared

Fully Remote • Washington, DC (http://maps.google.com/maps?q=Washington+DC)

Description

RDTS is in need of a Sr. Cybersecurity Analyst to support the U.S. Dept of Treasury in Washington, D.C.

Requirements

Required Experience:

Vulnerability analysis

  • Experiencing performing security analysis of operation and development environments, threats, vulnerabilities and interfaces to define and assess compliance with government standards (Risk Management Framework, NIST 800-53 Rev 5, FedRamp)

Risk and Compliance

  • In depth knowledge of security authorization processes and procedures Experiencing with Assessment and Authorization (A&A) processes under the Risk Management Framework (RMF) for new and existing information systems

  • Experience developing Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA), Risk Acknowledgement Letters (RAL), Service Level Agreements and support Continuous Monitoring (CONMON)

  • Experience with agile methodology, creating process designs, technical designs, defining user stories, working with onshore/offshore development teams, leading user acceptance testing (UAT), and providing the necessary end-user training to deliver the proposed solution.

  • 3+ years of experience as an information system security officer or information system security manager

  • Professional certifications such as Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), Certified PRINCE2 Practitioner

Desired Experience:

  • Experience participating in incident response and information security audits

  • Experience Leading vulnerability assessments and security reviews through a comprehensive testing process to identifying weaknesses and vulnerabilities within the systems that affect the confidentiality, integrity and availability systems

  • Experience performing or participating in Web application security assessments (e.g., exploiting web app vulnerabilities such as sql injection, cross-site scripting, parameter manipulation, session hijacking)

  • Information security compliance framework Subject Matter Expert

  • Experience leading and implementing ServiceNow GRC modules (policy and compliance, risk management, audit management, business continuity management and vendor risk management)

  • Experience conducting developing documentation and delivering application demonstrations.

DirectEmployers