- Serve as Security Controls Assessors for formal Security Test and Evaluation, Conduct of Security Certifications of systems/networks/sites assessing security control compliance, providing guidance regarding remediation and mitigation of identified vulnerabilities, all security domains.
- Support to the Security Assessment and Authorization (SA&A) Risk Management Framework tasks for all managed systems, networks, and enclaves (all security domains); ensure validity and accuracy review of all associated documentation.
- Conduct in-depth security reviews and assessments of deployed and proposed security control implementations for systems and applications hosted in CSP environments such as AWS, Azure, Google etc.
- Documenting test case findings from completed Risk and Vulnerability Assessments (RVA) within Requirements Traceability Matrixes (RTMs) and Security Assessment Reports (SARs).
- Reconciling system categorization and information types against NIST and agency specific security control overlays to identify final security control baselines.
- Understand and analyze CSP SSPs and provided inherited controls and updating and tailoring system security control implementations to meet the customer requirements.
- Knowledge of current NIST RMF and FedRAMP SA&A approaches to ensure that assessment plans and packages are executed and constructed in alignment with FedRAMP PMO requirements.
- Provide guidance on the application of security policy, identifying security requirements, providing technical guidance for the satisfaction of requirements, reviewing and determining the adequacy of required documentation.
- Develop and update organizational SA&A requirements, document templates, procedures, and policies for cloud-based systems and applications.
- Provide support for management and maintenance of assessment and authorization repositories.
- Understanding of architecting and securing applications in the cloud.
- Strong familiarity with migrating applications to the cloud.
- Strong familiarity with National Institute of Technology (NIST) Information Security Documents.
- Experience executing the NIST Risk Management Framework (RMF).
- Experience developing and promulgating Security Assessment Plans and POAMs
- Experience interpreting and evaluating implementations of NIST rev 4 security controls.
- Experience in analysis of IA requirements, IA architecture design, IA audit tools and IA compliance for operational/mission systems.
- Implementing Risk Management Framework (RMF) in high-risk network environment
- Practices and methods of IT strategy, enterprise architecture and security architecture
- Bachelor's Degree in Computer Science, Software Engineering, Systems Engineering, Information Systems or a related technical discipline with 5+ yrs. of related work experience ; an additional 4 years of work experience may be substituted in lieu of a degree
- Excellent written and oral communication skills a must, with the ability to work independently or as a member of a team; must be comfortable working with personnel on all levels of an organization
- Current DoD 8570 IAT III certification preferred or be able to obtain within 90 days of start date
- Specialized Expertise:
- RMF and ISCM related system assessment and monitoring tasks including general Federal agency FISMA and FedRAMP security assessment and compliance reporting requirements.
- Familiarity with Ongoing Authorization/Continous Mitigation OA/CM
- Other Applications:
- ComplyVision/ACE or other C&A tool or workflow such as IACS/XACTA, eMASS etc
- System Platforms:
- Microsoft Windows
- UNIX
- Linux E
- Primary Databases:
- Microsoft SQL
-
Security Analyst
4 days ago
Abnormal Security San Francisco, United StatesJob Description · Job DescriptionThe OpportunityWe are looking for an Overnight Security Analyst to join our frontline cybersecurity defense team. As a Security Analyst, you will be responsible for identifying, catching, and preventing email fraud by efficiently handling a high v ...
-
Security Analyst
3 weeks ago
Harness San Francisco, United StatesHarness is a high-growth company that is disrupting the software delivery market. Our mission is to enable the 30 million software developers in the world to deliver code to their users reliably, efficiently, securely and quickly, increasing customers' pace of innovation while im ...
-
Security Analyst
1 day ago
Jesica San Francisco, United StatesAbout: · Jesica is a recruiting agency that utilizes AI to source, screen and match candidates to right career opportunities. We work on behalf on our clients who are actively seeking qualified candidates to these roles. If you are a candidate either actively looking or just brow ...
-
Security Analyst with Security Clearance
1 week ago
Apex Systems San Francisco, United States PermanentSecurity Analyst MUST HAVE ZERO TRUST EXPERIENCE/KNOWLEDGE Email - Primary Responsibilities Execute continuous network monitoring and incident handling/problem resolution. · Triage events, incidents, and assist with developing AO specific trends. · Support various collaborative a ...
-
Information Security Analyst
2 weeks ago
bitFlyer team San Francisco, United StatesInformation Security Analyst (REMOTE) · Who We Are · Looking to join a dynamic, international team with a passion for virtual currency and gain opportunities for career growth? · bitFlyer is one of the first cryptocurrency exchanges with licenses to operate across US, EU and J ...
-
Sr./IT Security Analyst
1 week ago
Federal Reserve Bank San Francisco, United StatesCompany · Federal Reserve Bank of San Francisco We are the Federal Reserve Bank of San Francisco—public servants with a mission to advance the nation's monetary, financial, and payment systems to build a stronger economy for all Americans. We are a community-engaged bank, and ar ...
-
Security Operations Analyst
1 week ago
Astranis San Francisco, United StatesAstranis is on a mission to bridge the digital divide by connecting the four billion people worldwide who currently lack internet access. We're doing this by building the next generation of smaller, more cost-effective spacecraft to bring the world online. · As a team, we've lau ...
-
Sr./IT Security Analyst
3 weeks ago
Federal Reserve System San Francisco, United StatesCompany · Federal Reserve Bank of San Francisco · We are the Federal Reserve Bank of San Francisco—public servants with a mission to advance the nation's monetary, financial, and payment systems to build a stronger economy for all Americans. We are a community-engaged bank, and a ...
-
Military Analyst with Security Clearance
2 weeks ago
RIOS Advantage LLC San Francisco, United States PermanentRiosAdvantage, LLC, committed to making the world a safer and more secure place for current and future generations, facilitating change leadership in rapidly evolving global and U.S. domestic security environments is seeking an experienced Military Analyst The right candidate wil ...
-
Information Security Analyst
2 weeks ago
Ampcus San Francisco, United StatesTargeted Years of Experience: 7-10 yearsResponsibilities - Rapid Response Retainer Liaison - Provide customers with a consistent interface to investigative response team. · The Liaison will serve as a contact point for non-emergency response questions or issues regarding the Rap ...
-
Security Analyst
3 weeks ago
University of California , San Francisco San Francisco, United StatesSecurity Analyst · PPH-Domestic-Core-IZ · Full Time · 78736BR · Job Summary · Please note: Sacramento - In office 2 days a week starting in June with possibility of increased office days according to return to office mandate · This position supports the California Immunizati ...
-
Cloud Information Security Analyst
21 hours ago
Deutsche Bank San Francisco, United States PermanentJob Description: · Job Title Cloud Information Security Analyst · Corporate Title Associate · Location Jacksonville, FL · Overview · The Chief Security Office (CSO) comprises the Corporate Security unit the Chief Information Security Office (CISO), which guarantees informati ...
-
GRC Information Security Analyst
2 weeks ago
Sumitomo Mitsui Financial Group, Inc. San Francisco, United StatesABOUT THE ORGANIZATION · SMBC MANUBANK was formed by a group of banking entrepreneurs in June 1962. Our scope is to serve the specialized needs of California middle-market businesses, manufacturers, wholesalers, distributors, importers, exporters, and service companies, includin ...
-
Super Systems Inc San Francisco, United States PermanentJob Description: Mid ISSO · Clearance: Secret- will upgrade to TS/SCI · Location: Onsite, no remote or hybrid · Mon-Fri: Core hours Responsibilities: · • Develop, implement, oversee, and maintain customer organization information assurance (IA) program that identifies IA require ...
-
Apex Systems San Francisco, United States PermanentApex Systems is seeking a TS/SCI cleared with CI Poly Targeting Analyst to sit on-site with our client at Ft. Meade, MD. Overview: Develops targets and target systems for joint lethal and / or non-lethal engagements. Develops target nominations, creates database records, and data ...
-
Mainframe Security Analyst
3 weeks ago
American Cybersystems San Francisco, United StatesInnova Solutions is immediately hiring for a Mainframe Security Analyst. · Position type: Full Time - Contract · Duration: 13 Months - Contract · Location: Remote · As a Mainframe Security Analyst, you will: · Design document test maintain and provide issue resolution reco ...
-
Information Security Analyst
3 weeks ago
Collabera San Francisco, United StatesHome · Search Jobs · Job Description · Information Security Analyst · Contract: San Francisco, California, US · Salary: $68.00 Per Hour · Job Code: · End Date: · Days Left: 29 days, 3 hours left · Apply · Day To Day Responsibilities:Design and consult on cybersecurity me ...
-
Information Security Analyst
2 weeks ago
bitFlyer team San Francisco, United StatesInformation Security Analyst (REMOTE) · Who We Are · Looking to join a dynamic, international team with a passion for virtual currency and gain opportunities for career growth? · bitFlyer is one of the first cryptocurrency exchanges with licenses to operate across US, EU and J ...
-
Mainframe Security Analyst
2 weeks ago
Ascent Services Group San Francisco, United StatesInnova Solutions is immediately hiring for a Mainframe Security Analyst. · Position type: Full Time - Contract · Duration: 13 Months - Contract · Location: Remote · As a Mainframe Security Analyst, you will: · Design document test maintain and provide issue resolution recommen ...
-
QED Systems, LLC San Francisco, United States PermanentStrategic Coordination Analyst · Full Time · Professional · Fort Meade, MD, US QED Systems, LLC, is currently recruiting a Strategic Coordination Analyst to join our team at Fort Meade, MD to support our USCYBERCOM J0/J1 contact. Duties: Bring in-depth understanding and expertise ...
Information Systems Security Analyst - West Valley City, United States - The Ladders
Description
OverviewISHPI is a recognized industry leader in providing Cybersecurity support and consulting services to our Federal agency and Department of Defense partners. In this, we specialize in developing and performing Cybersecurity Engineering and Operations processes and activities to ensure systems and services achieve and maintain adequate levels of compliance and operational security posture throughout all phases of their lifecycle. We are currently seeking cybersecurity professionals for positions in the Suffolk VA area supporting the Internal Revenue Service.
Responsibilities
Key Skills:
"Ishpi Information Technologies, Inc. is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, disability, or status as a protected veteran."
Pay Rate:
The annual base salary range for this position is $120,000 - $125,000 . Please note that any salary information disclosed is a general guideline only. Ishpi considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/ training, key skills as well as market and business considerations when extending an offer.
Expression of Interest: By applying to this job, you are expressing interest in this position and could be considered for other career opportunities where similar skills and requirements have been identified as a match. Should this match be identified, you may be contacted for this and future openings.
*cj
Information Systems Security Analyst professionals in San Francisco
-
arun lamichhane
Software QA Engineer
-
Fred Diamond
Product Designer
-
Santiago Gonzalez Garcia
MBA Student
-
Geremy Lowe
Health Analyst | Historian | PhD Student
-
Arvind Sharma
Full Stack Developer | Web Applications
-
Robert Rodriguez
Data Center Engineer