1 day old

Security Compliance Analyst

Washington, DC 20004
Apply Now
Apply on the Company Site
Business Group Highlights

Civilian, State and Local

Perspectas Civilian, State and Local segment partners with the U.S. Federal Civilian State and Local governments to provide infrastructure services, business solutions, and digital transformation services that help them achieve policy objectives and integrate citizen-centric services.

Responsibilities

  • Participate in all steps of the Security Authorization and Assessment process for FISMA systems.
  • Deliver all required documentation using the current DHS approved templates, forms, regulations, and methods.
  • Continuously update all documentation as required.
  • Provide advisement to stakeholders to assign resources and establish timelines to ensure the successful Security Authorization of a system.
  • Review and validate all relevant NIST 800-53 and DHS 4300B Security Controls and/or applicable departmental policies for each IT system assigned.
  • Ensure software installed in the production environment is evaluated and provide guidance regarding the potential for the software to introduce risk into the environment.
  • Perform oversight of compliance with Vulnerability Alerts.
  • Review and validate Plan of Actions & Milestones (POA&Ms) for each non-compliant control for each managed IT System prior to authorizing closure. Proper documentation to support the POA&M lifecycle shall be filed and updated as required, including well documented waivers and exceptions detailing the potential risk to the Authorizing Official.
  • Perform in depth reviews of logs and other artifacts for each IT system.
  • Provide, track and report security requirements throughout the project life cycle of all projects that are within the accreditation boundary of assigned systems.
  • Work closely with Office of the Chief Information Security Officer (CISO) to provide guidance and oversight for all requested initiatives.
  • Provide timely and detailed responses to all data calls.
  • Provide oversight and guidance regarding requests to modify technical policies such as firewall rules, ports, protocols, etc. for each IT system.
  • Coordinate with and brief Federal staff on all activities pertaining to each IT system as requested.
  • Continuously maintain a thorough understanding of all configurations, architecture, installed software, accounts (both Operating System and Application), data flows, ports, protocols, and other relevant data for each IT System.
  • Coordinate with the appropriate operational group to accurately update the System Design Document for each IT system to reflect the approved state of each IT system.

Qualifications

  • Experience with Risk Management Framework (RMF), POA&Ms, Security Authorization and Assessments.
  • Experience conducting and documenting vulnerability assessments.
  • Knowledge of and experience with NIST SP 800-53, 800-53A, and 800-37.
  • Understanding of FISMA compliance.
  • Understanding of FedRAMP.
  • Experience with Nessus scans, or similar tool.
  • Strong writing skills are required.

Desired:

  • Experience working with DHS 4300A.
  • Technical background and ability to review complex configurations for validation.
  • CISSP, CISA, CAP, or equivalent certifications (DoD 8570 IAM 2 equivalent).

About Perspecta

What matters to our nation, is what matters to us. At Perspecta, everything we do, from conducting innovative research to cultivating strong relationships, supports one imperative: ensuring that your work succeeds. Our company was formed to bring a broad array of capabilities to all parts of the public sectorfrom investigative services and IT strategy to systems work and next-generation engineering.

Our promise is simple: never stop solving our nations most complex challenges. And with a workforce of approximately 14,000, more than 48 percent of which is cleared, we have been trusted to just that, as a partner of choice across the entire sector.

Perspecta is an AA/EEO Employer - Minorities/Women/Veterans/Disabled and other protected categories.

Email this job to a friendRefer
Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed




As a government contractor, Perspecta abides by the following provision
PAY TRANSPARENCY NONDISCRIMINATION PROVISION
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)

Industry

  • Information Technology
Posted: 2020-02-28 Expires: 2020-03-29

With offerings in mission services, digital transformation and enterprise operations, our team of 14,000 engineers, analysts, investigators and architects work tirelessly to create innovative solutions. We have the expertise and experience not only to devise solutions, but to execute on them successfully.

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Security Compliance Analyst

Perspecta
Washington, DC 20004

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast