This job is closed

We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.

Testpros - Arlington, VA

posted 2 months ago

Full-time - Senior
Arlington, VA
Professional, Scientific, and Technical Services

About the position

The Information Security Analyst SME at TestPros is responsible for supporting a Federal cybersecurity program by managing vulnerabilities, ensuring compliance with security controls, and providing expert guidance on security-related issues. This role involves leading Risk Management Framework (RMF) assessments, managing the Plan of Action and Milestones (POA&M), and ensuring that security documentation meets federal standards. The position requires a strong understanding of cybersecurity policies and practices, particularly in cloud environments, and involves collaboration with various teams to ensure security requirements are met throughout the system lifecycle.

Responsibilities

  • Lead RMF assessment, authorization, and monitoring steps for systems following NIST and ICD 503 standards.
  • Manage the POA&M tracker to monitor vulnerabilities and compliance with security controls.
  • Perform vulnerability management and provide guidance on prioritizing and remediating vulnerabilities.
  • Review change requests to ensure compliance with security requirements and provide recommendations.
  • Develop and maintain comprehensive security technical documentation as per NIST 800-53a standards.
  • Conduct reviews of policies and procedures to identify and address documentation gaps.
  • Support service and product teams in selecting and tailoring security controls appropriate to the information system.
  • Perform risk assessments and maintain consistent communication regarding security issues.

Requirements

  • 10+ years of proven experience performing security controls.
  • Expert knowledge of Federal policies and practices related to cybersecurity.
  • Experience with RMF assessment, authorization, and monitoring steps for systems following NIST and ICD 503 standards.
  • Strong architecture, network, and infrastructure security expertise, particularly in cloud environments.
  • Excellent verbal and written communication skills.
  • Knowledge of common assessment & authorization (A&A) application platforms (e.g., eMASS, CSAM, Xacta preferred).
  • Expert knowledge in risk and vulnerability management.
  • Active TS/SCI security clearance.

Nice-to-haves

  • Agency experience (ideally DHS CISA).
  • Cyber program experience.
  • SAFe and DevSecOps experience.

Benefits

  • Paid holidays
  • Health insurance
  • Dental insurance
  • Paid time off
  • Vision insurance
  • 401(k) matching
  • Employee discount
  • Life insurance
Job Description Matching

Match and compare your resume to any job description

Start Matching
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service