Sr Cyber Security Analyst

$95,000 - $105,000/Yr

HILL International - Schenectady, NY

posted 10 days ago

Full-time - Mid Level
Schenectady, NY
1,001-5,000 employees
Professional, Scientific, and Technical Services

About the position

The Sr Cyber Security Analyst at Hill International is responsible for executing all aspects of the National Institute of Standards and Technology (NIST) directives to support the Risk Management Framework (RMF). This role involves assisting information system owners in developing System Security Plans (SSPs) and Security Assessment Reports (SARs) using the RSA Archer application, as well as creating Plans of Action and Milestones (POA&Ms) and Risk Based Decisions (RBDs) for deficiencies identified during the information system authorization process.

Responsibilities

  • Execution of all aspects of the National Institute of Standards and Technology (NIST) directives to support the Risk Management Framework (RMF).
  • Assist information system owners with the development of System Security Plans (SSPs) and Security Assessment Reports (SARs) using the RSA Archer application.
  • Assist in the development of Plans of Action and Milestones (POA&Ms) and Risk Based Decisions (RBDs) for deficiencies found during the information system authorization process.

Requirements

  • 5-10 years of combined experience in roles such as security control validator, security control assessor, Information System Security Officer (ISSO), or Information System Security Manager (ISSM).
  • At least two years of experience supporting the development of information system security authorization packages in accordance with Risk Management Framework (NIST 800-37, 800-53, 800-53a).
  • At least two years of experience working with Federal Risk and Authorization Management Program (FedRAMP).
  • Security+ Certification.
  • Experience with the RSA Archer application.
  • At least two years of experience working on IT security project teams.
  • At least one year of experience managing IT projects.
  • Knowledge of IT infrastructure and services (Data Centers, physical and virtual servers, local and wide area networking components, cloud Infrastructure/Platform/Software as a Service, etc.).
  • Knowledge of security policies such as NIST Special Publications, Security Technical Implementation Guides (STIGs), DOD Cloud Computing Security Resource Guide (SRG).
  • Knowledge of infrastructure security, endpoint protection, vulnerability management tools.
  • Previous work authorizing information systems within a classified DoE or DoD environment.
  • Familiarity with NIST 800-171.
  • Certified Information Systems Security Professional (CISSP) certification.
  • Certificate of Cloud Security Knowledge (CCSK) certification.

Benefits

  • Medical
  • Dental
  • Vision
  • Employer Paid Life and Accidental Death & Dismemberment Insurances
  • Business Travel Accident Insurance
  • Short-Term Disability
  • Long Term Disability
  • Flexible Spending Account
  • Health Savings Account
  • Dependent Care Flexible Spending Account
  • Commuter Benefits
  • Legal Assistance
  • Identity Theft Protection
  • Pet Insurance
  • Auto & Home Insurance
  • Critical Illness Insurance
  • Accident Insurance
  • Hospital Indemnity Insurance
  • Voluntary Life & Accidental Death & Dismemberment Insurance
  • Paid Time Off (PTO)
  • Holidays
  • 401(K) Retirement Savings Plan
  • Employee Referral Program
  • Professional Certification Incentive Program
  • Hill University Learning and Development
  • Tuition Reimbursement
  • EAP
  • Years of Service Awards Program

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service