Senior Control Assessment Analyst

About The Position

Requirements

• All candidates must be US citizens.
• At least five years of experience performing the functions associated with this labor category.
• Understanding of relevant laws and regulations, such as NIST guidance and OMB memoranda. This includes knowledge of the NIST Risk Management Framework and familiarity with key publications like NIST SP 800-37, 800-53, and 800-171.
• Experience conducting security assessments on federal systems.
• Experience assessing and mitigating risks associated with cybersecurity and data privacy.
• Experience developing and implementing compliance programs, conducting risk assessments, and advising on compliance-related issues.
• Experience with the system Authorization to Operate process, including understanding the documentation required, the levels of approval needed, and the most effective ways to manage this process within a federal environment.
• Basic understanding of procurement processes and contract language requirements for federal mandates.
• Experience communicating complex regulatory and compliance information in a clear and concise manner.
• Experience tracking and reporting on training and awareness program performance, including calculating metrics to help measure the effectiveness of security, privacy, and social engineering training.

Responsibilities

• Ensuring that plans of action and milestones (POAMs) are properly tracked, managed, and remediated as well as in assisting with inventory management for security and privacy assets.
• Supporting training and awareness activities by developing metrics and producing reports on program effectiveness.

Benefits

• Paid Time Off & Holiday Pay
• Medical Insurance
• Dental Insurance
• Vision Insurance
• Disability, Life Insurance, and AD&D
• Flexible Spending Accounts
• Pre-Tax 401K and/or After-Tax Roth IRA (with employer matching contribution)
• Tuition and Technical Training Reimbursement
• Exercise Reimbursement
• Employee Assistance Program