Cybersecurity Analyst/Information Assurance - Fairfax, VA

Tiber Creek Consulting, Inc. is seeking a Cybersecurity / Information Assurance (IA) Analyst to serve as a technical cybersecurity subject matter expert (SME) as part of a growing cybersecurity operations team in Fairfax, VA, responsible for assessing and ensuring operational, technical, and privacy security control compliance for large, complex information systems. You will provide support for executing the full Security Assessment and Authorization (SA&A) life cycle and risk management functions, measuring risk, examining system documentation, interviewing appropriate system and site personnel, testing system technical security configuration settings, and developing findings reports. The successful candidate demonstrates subject matter expertise in security guidance and security control assessment (SCA) processes using the relevant framework; leverages knowledge of Plan of Action and Milestones (POA&M) management and continuous monitoring; tests system technical security configuration settings; reviews Nessus scan results for compliance with industry standards; and assists with developing and reviewing compliance reports that clearly identify security findings and proposed remediation strategies.

Apply To:
  • Fairfax, VA
  • Security+ Certification is required
Related Work Experience Should Include:
  • Strong understanding of Federal and Industry security policies, standards and best practices, risk assessment.
  • Strong security system analysis skills and understanding of Cyber and IT security risks, threats and prevention measures.
  • Security+ certification (required); Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA) or CompTIA Advanced Security Practitioner (CASP) certification (preferred).
  • Experience as an Information Assurance (IA) Analyst and/or IT Operations supporting an Agile/DevSecOps environment.
  • Experience supporting customers in either Federal Government and/or other industry specific Cybersecurity Compliance and Regulatory standards/frameworks.
  • Experience with a variety of cybersecurity compliance standards, regulations and frameworks such as: NIST RMF, NIST CSF, FISMA, FIPS, NIST SP800-171r1, NIST SP800-53r4, NIST SP800-60, PCI-DSS, HIPAA, SOC 2, ISO27001, FedRAMP, etc.
  • Experience with cloud security and cloud architectures.
  • Knowledgeable about Cybersecurity/IA products such as PKI, VPN, firewalls, IPS, IDS, SCAP, STIG, Nessus, ACAS, SIEM, HIDS, NIDS, MFA solutions, Vulnerability Scanners, Endpoint protection solutions, data at rest encryption solutions, data in transit encryption solutions, penetration testing tools, Kali Linux, nmap, etc.
  • In-depth understanding of networking and network security; network monitoring and protocols.
Job Duties:
  • Support Command Cyber Readiness Inspections (CCRI) and Risk Management Framework (RMF) mission sets.
  • Develop and sustain RMF Certification and Accreditation (C&A) packages to maintain Authorization to Operate (ATO).
  • Process and submit Plans of Action and Milestones (POA&Ms).
  • Support IT Incident Response (IR) actions and reporting.
  • Perform security assessments and audits for commercial organizations.
  • Write/develop System Security Plans (SSP) and Tenant Security Plans (TSP).
  • Write/develop security and risk reports.
  • Consult clients on various mitigation and remediation solutions/methods.
  • Support development and enhancement of a commercial Governance, Risk Management, and Compliance (GRC) solution.
  • Provide subject matter expertise and consulting on all aspects of cybersecurity for a wide range of clients across industry verticals, both small and large businesses.
  • Perform enterprise-wide risk analysis and vulnerability assessments.
  • Provide support for automating cybersecurity operations via technology solutions.
Physical Demands and Work Environment:
  • Some local and long distance travel may be required.
  • Usual office working conditions and standard office equipment. Required to sit for long periods of time using a personal computer. Some light physical effort required.
  • Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position.

Unable to work with 3rd party Candidates or agencies

Interested in joining our team?
