Ipkeys Technologies
posted about 2 months ago
The CyberSecurity Assessment and Authorization Analyst plays a crucial role in supporting the Department of Health and Human Services, specifically the Indian Health Service (IHS). This position is primarily responsible for executing and assisting in the completion of security certifications, as well as providing support in the development and implementation of a comprehensive program to manage compliance with government regulations. The analyst will conduct annual security controls effectiveness testing, document findings, and monitor remediation efforts across all systems in accordance with established policies and procedures. In addition to testing, the analyst will engage in significant research, evaluation, and documentation development, which includes creating security assessment reports, methodologies, briefings, and presentations. The role also involves conducting information security audits and risk assessments on customer systems and networks, ensuring that documentation aligns with the National Institute of Standards and Technology (NIST) guidelines and the Risk Management Guide for Information Technology Systems. The analyst will be responsible for reviewing and updating security and contingency plans annually, making recommendations to address any identified deficiencies. Furthermore, the analyst will assist system owners in developing security authorization packages that comply with NIST guidelines and organizational standards. This includes evaluating the implementation of security controls, preparing security authorization packages, and ensuring compliance with federal regulations such as FISMA, HIPAA, and OMB mandates. The analyst will also be tasked with reviewing and updating risk assessments in response to significant changes in systems or networks, ensuring that customer information and systems are adequately protected from unauthorized access and other threats. The role requires effective communication skills to brief staff on compliance areas, corrective recommendations, and plans of action to address deficiencies. The analyst will analyze major IT systems from a security perspective throughout the systems development lifecycle and will be responsible for maintaining a neat and orderly work environment, reporting any unsafe conditions, and participating in self-development through available training opportunities.