Full-time
Estimated: $52,000 - $69,000 a year
- Communication Skills
- Business Management
- NIST Standards
- Project / Program Management
- High School Diploma or GED
Full Job Description
SiloSmashers, Inc. is a strategy, technology, and management consulting firm, founded in 1992, and located in Herndon, Virginia. SiloSmashers delivers superior services and solutions to the public sector in the areas of project/program management, performance management, and IT security. The company provides innovative, collaborative business approaches, and proven methodologies that enable customers to break down organizational silos and optimize operational efficiency to achieve peak performance and mission success.
Summary of the Role
The Jr. Security Analyst supports the information security and privacy program for a federal civilian agency. They are responsible for day-to-day Plan of Actions and Milestones (POA&M) monitoring and reporting activities. They use existing resources to monitor system vulnerabilities and validate successful mitigation. They develop reports to share with administrators about the status of mitigation efforts. This role serves as a "hands-on" security analyst who will be responsible for interfacing with the team. The Jr. Security Analyst coordinates between the security, development and operations teams daily, and documents the results of data gathering.
Conducts day-to-day POA&M monitoring and validation activity. Key deliverables are the accurate documentation of POA&M status and timely submission of POA&M reports.
Verify the accuracy and content of submitted POA&Ms. Coordinate with personnel to maintain and update monthly reports that accurately represent POA&M statuses.
Utilize the agency's Governance Risk Compliance (GRC) tool and vulnerability scanning tool to identify and document the system security posture.
Develop reports from continuous monitoring tools and integrate techniques to produce actionable items to improve the security posture of the system.
Coordinate with personnel to obtain vulnerability, audit, security and privacy assessment information and other reports and output that identify control weaknesses.
Verify that weaknesses and milestones are documented accurately and according to requirements.
Education Requirements: High School Diploma or equivalent
Excellent communication skills and the proven ability to work effectively with all levels of IT and business management.
Experience with FISMA requirements and NIST SP 800-37, 800-137, and 800-53.
Experience with POA&M coordination, management, and mitigation validation. Experience with POA&M reporting and POA&M status communication.
Experience and understanding of various risk, compliance and security tools.
Works independently and collaboratively to resolve challenges facing the team quickly and completely.
Security+ is helpful
Capable of securing Public Trust clearance