- Communication Skills
- NIST Standards
The Security Analyst provides technical and analytical support for the Board's computer security systems. Develops new security measures as needed.
The Security Analyst is responsible for conducting security control assessments on application and infrastructure platforms to ensure the Board Information Security Program (BISP) meets Federal Information Management Act (FISMA) mandated requirements and providing cyber risk management guidance to system owners. In addition the incumbent will also assist with Plan of Action & Milestones (POA&M) testing, Privacy Impact Assessment (PIA) / System of Records Notice (SORN) reviews, Cloud computing / FedRamp assessments, SOX testing, act as a liaison on Office of Inspector General (OIG) reviews and provide training as well as best practice support.
The Security Analyst in the Information Security & Privacy Program unit is also responsible for writing and maintaining policy and standard documentation as well as providing compliance guidance and training regarding information security regulatory mandates. A working knowledge of cyber security risk management, FISMA, NIST security guidance, OMB security mandates and COBIT are required. Strong communication and written skills as well as analytical problem solving skills are essential.
Experience performing security review and control testing. Working knowledge in the areas of Cyber Security Risk Management, Privacy, FedRamp audit standards and Sarbanes-Oxley (SOX) auditing standards and RSAM.
REQUIRED: **INFORMATION SECURITY & PRIVACY PROGRAM UNIT** U.S. Citizenship. The following dimension criteria will be used: Oral and written communication skills; planning/organizing/controlling; analysis;
judgment/decisiveness; ability to learn; initiative; leadership ability; ability to work under stress; basic knowledge of varies technologies and industry best practice standards, customer and service orientation.
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, or application, membership, or service in the uniformed services.