Tikras Technology Solutions Corporation is looking to hire a Sr. Security Analyst to become a member of a government compliance security team. Candidate should have moderate IT or consultant experience with a preferred focus on IT securities, and must have detailed experience with NIST practices and guidelines.
And don’t forget … if your organization is interested in posting their career opportunities here, head on over to our Job Board page for all the details. Well anyway … on to the job post.
Sr. Security Analyst
Tikras Technology Solutions Corporation
- Applicant will become a member of a government compliance security team supporting multiple NIST compliant A&A packages for a federal customer.
- Will provide multi-discipline security administrative and technical security support RMF effort.
- Areas of responsibility include Physical, Computer, Personnel, Information, Administrative, Operational, and Communications Security analysis, assessment, and reporting.
- Conduct security assessments of Federal information systems in accordance with NIST SP 800-37 and 800-53 guidance.
- Develop security authorization packages for newly developed systems.
- Coordinate all aspects of the effort with identified points of contact, working with a high degree of independence.
- Collaborate with information system owners, security officers, developers and IT operations personnel to conduct system security categorizations in accordance with NIST SP 800-60 and FIPS 199 requirements (as amended).
- Document security control selections and apply control tailoring guidance in accordance with NIST SP 800-53 and NIST 800-18 (as amended).
- Develop initial system security plans and contingency plans aligned with organizational policies and NIST SP 800-18, NIST SP 800-34 (as amended) and security best practices.
- Provide recommendations to organizational stakeholders for preliminary POA&M remediation and application of security engineering principles (NIST SP 800-27 Rev. A).
- Develop security assessment plans, carry out technical security assessments of all selected management operational and technical security controls, and document the results of the assessment and a concurrent risk assessment in a Security Assessment Report (SAR).
- Develop POA&M Reports including all identified weaknesses, recommended actions for remediation or mitigation and provide weakness criticality ratings based on the risk assessment results.
- Provide multi-discipline security administrative and technical security support to the IA RMF and Continuous Monitoring Programs.
- Key focus areas for the Sr. Security Analyst are continuous monitoring program support and strategic control implementation and assessment.
- Industry recognized technical certification accepted in lieu of two years of experience.
- CISSP and CAP strongly preferred.
- Six years relevant IT or consulting experience with a preferred focus on IT security policies, architectures, and/or standard operating procedures, or four years minimum experience in an information security or information assurance role and a minimum of two years direct experience with information security and delivering RMF and security assessment activities in accordance with NIST SP 800-37 preferred.
- Complete knowledge and working experience in the technical security assessment of IT systems and network infrastructures.
- Thorough knowledge of standard methodologies used in A&A process.
- Must have detailed experience in NIST A&A/RMF guidelines and industry best practices for: Risk Assessment and Management, Vulnerability Analysis, Contingency Planning/Disaster Recovery, Configuration Management, Security Assessments, and developing Mitigation Plans.
- Must have experience conducting technical security assessments of complex information systems with minimal to no supervision.
Bachelor’s Degree and four years relevant experience or Master’s Degree and three years relevant experience or six years relevant experience.
Applicants must be able to pass a National Agency Check with Inquiries.
About Tikras Technology Solutions Corporation
Tikras Technology Solutions Corp. is a Native American Owned Small Business dedicated to providing experienced and professional services to our Government and Commercial clients. Specializing in information security and assurance and providing superior solutions in information technology, training and program management, Tikras offers True solutions to Real problems.
The ever-changing landscape of information technology requires an organization to maintain both the agility to respond and the strength of a firm foundation to resist sacrificing the even flow of operations. Tikras works extensively with clients to first identify and define the organization’s core needs and then develop the appropriate solution of people, process, and technology to achieve the delicate balance of agility and strength for your organization.
Follow-Up Contact Information
For additional information and to apply, head on over to its requisition.