TestPros - Arlington, VA

posted 9 days ago

Full-time - Senior
Arlington, VA
Professional, Scientific, and Technical Services

About the position

The Information Security Analyst SME at TestPros is responsible for supporting a Federal cybersecurity program by managing vulnerabilities, ensuring compliance with security controls, and providing expert guidance on security-related issues. This role involves leading Risk Management Framework (RMF) assessments, managing the Plan of Action and Milestones (POA&M), and ensuring that security documentation meets federal standards. The position requires a strong understanding of cybersecurity policies and practices, particularly in cloud environments, and involves collaboration with various teams to ensure security requirements are met throughout the system lifecycle.

Responsibilities

  • Lead RMF assessment, authorization, and monitoring steps for systems following NIST and ICD 503 standards.
  • Manage the POA&M tracker to monitor vulnerabilities and compliance with security controls.
  • Perform vulnerability management and provide guidance on prioritizing and remediating vulnerabilities.
  • Review change requests to ensure compliance with security requirements and provide recommendations.
  • Develop and maintain comprehensive security technical documentation as per NIST 800-53a standards.
  • Conduct reviews of policies and procedures to identify and address documentation gaps.
  • Support service and product teams in selecting and tailoring security controls appropriate to the information system.
  • Perform risk assessments and maintain consistent communication regarding security issues.

Requirements

  • 10+ years of proven experience performing security controls.
  • Expert knowledge of Federal policies and practices related to cybersecurity.
  • Experience with RMF assessment, authorization, and monitoring steps for systems following NIST and ICD 503 standards.
  • Strong architecture, network, and infrastructure security expertise, particularly in cloud environments.
  • Excellent verbal and written communication skills.
  • Knowledge of common assessment & authorization (A&A) application platforms (e.g., eMASS, CSAM, Xacta preferred).
  • Expert knowledge in risk and vulnerability management.
  • Active TS/SCI security clearance.

Nice-to-haves

  • Agency experience (ideally DHS CISA).
  • Cyber program experience.
  • SAFe and DevSecOps experience.

Benefits

  • Paid holidays
  • Health insurance
  • Dental insurance
  • Paid time off
  • Vision insurance
  • 401(k) matching
  • Employee discount
  • Life insurance