Cybersecurity Analyst/Information Assurance
Fairfax, VA

Tiber Creek Consulting, Inc. is seeking a Cybersecurity / Information Assurance (IA) Analyst to serve as a technical cybersecurity subject matter expert (SME) as part of a growing cybersecurity operations team in Fairfax VA, responsible for assessing and ensuring operational, technical, and privacy security control compliance for large, complex information systems. You will provide support for executing full Security Assessment and Authorization (SA&A) life cycle and risk management functions, measuring risk, examining system documentation, interviewing appropriate system and site personnel, testing system technical security configuration settings and developing findings reports. The successful candidate demonstrates subject matter expertise in security guidance and security control assessment (SCA) processes using the relevant framework; leverages knowledge of Plan of Action and Milestones (POA&M) management and continuous monitoring; tests system technical security configuration settings; reviews Nessus scan results for compliance with industry standards, and assists with developing and reviewing compliance reports that clearly identify security findings and proposed remediation strategies.

Apply To:
Certifications:Security+ Certification is required
Job Duties:
  • Support Command Cyber Readiness Inspections (CCRI) and Risk Management Framework (RMF) mission sets.
  • Develop and sustain RMF Certification and Accreditation (C&A) packages to maintain Authorization to Operate (ATO).
  • Process and submit Plans of Action and Milestones (POA&Ms).
  • Support IT Incident Response (IR) actions and reporting.
  • Perform security assessments and audits for commercial organizations.
  • Write/develop System Security Plans (SSP) and Tenant Security Plans (TSP).
  • Write/develop security and risk reports.
  • Consult clients on various mitigation and remediation solutions/methods.
  • Support development and enhancement of a commercial Governance, Risk Management, and Compliance (GRC) solution.
  • Provide subject matter expertise consulting for all things cybersecurity for a wide range of clients across industry verticals both small business and large business.
  • Perform enterprise-wide risk analysis and vulnerability assessments.
  • Provide support for automating cybersecurity operations via technology solutions.
Physical Demands and Work Environment:
  • Some local and long distance travel may be required.
  • Usual office working conditions and standard office equipment. Required to sit for long periods of time using a personal computer. Some light physical effort required.
  • Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position.
Minimum Qualifiers:
  • Unable to work with 3rd party candidates or agencies

Interested in Joining Our Team?