Cybersecurity Analyst, Senior Consultant

Company: Guidehouse
Location: Potomac
Posted on: January 25, 2023

Job Description:

Job Family:Cyber ConsultingTravel Required:NoneClearance Required:Ability to Obtain SecretWhat You Will Do: The Cybersecurity Analyst will provide subject matter expertise in support of the Department of State, Office of the Global Aid Coordinator's (OGAC) information systems' (IS) portfolio, demonstrating a strong understanding of the Risk Management Framework (RMF) and general Cybersecurity principles. Job Description/Responsibilities:

• Provide day-to-day support on various Cybersecurity related issues
• Work directly as part of a fast-paced client team with flexibility, and effectively communicate cybersecurity, Information Assurance (IA) and risk concerns
• Support Risk Management Framework (RMF) Assessment and Authority (A&A) efforts
• Coordinate with the Information System Security Officer and System Development and Engineering teams to evaluate the need to seek an Authorization to Operate (ATO) for new and existing ISs
• Leverage National Institute of Standards and Technology (NIST) Special Publication (SP) 800.53 Revision 5 controls to identify gaps, address outstanding authorization requirements, and coordinate directly with system stakeholders
• Create, update, and track needed documentation to support all authorization processes, to include but not limited to implementation of required NIST security level controls, objectives, plans and procedures, and artifacts
• Assist with documenting the ATO process for new and legacy ISs into the agency's current governance, risk, and compliance (GRC) tool
• Advise the Information System Owner (ISO), System Engineering Teams (SE), and the Authorizing Official (AO) of system vulnerabilities and residual risks
• Identify tactics to remediate or mitigate IS vulnerabilities
• Ensure that all Plan of Action and Milestones (POA&Ms) are documented, completed, and tested
• Coordinate IS security-related inspections, tests, and reviews with the ISO, SE Teams, and the AO
• Ensure that ISs are maintained and disposed of per agency and NIST policies and procedures
• Assist with updating cybersecurity documentation and governance What You Will Need:
  • High level understanding of systems, networking, and vulnerabilities management
  • Working knowledge of NIST Risk Management (RMF) and Cybersecurity Frameworks (CSF)
  • Ability to facilitate meetings, interface with IS stakeholders, and create, analyze, and/or update authorization documentation to support A&A requirements
  • High level working knowledge of NIST guidance: 800-53 rev 5 Security and Privacy Controls for Federal Information Systems and Organizations and 800-37 rev 2 RMF for Information Systems and Organizations and 800-37 rev 2 RMF for Information Systems and Organizations
  • Working knowledge of system categorization and cyber GRC tools such as Xacta and ArchAngel
  • Experience operationalizing specific IT and information protection guidance from the Department of Homeland Security (DHS) or Office of Management and Budget (OMB)
  • Maintain the highest levels of quality and client satisfaction
  • 3+ years of experience with cybersecurity technologies and/or Information Assurance in the federal space
  • Bachelor's degree
  • US Citizenship and an active Secret Clearance What Would Be Nice To Have:
    • Knowledge of the Federal Risk and Authorization Management Program (FedRAMP)
    • Experience working with FedRAMP approved cloud services
    • Experience with vulnerability assessment analysis and reporting
    • At least one of the following certifications: Security +, CISSP, SSCP, CISM, CAP, PMP.
    • Knowledge of emerging cyber technologies preferred:
      • Cloud
      • Identity
      • Mobility
      • Experience with developing and presenting briefs to non-technical audiences and clients
      • Possession of excellent oral and written communication skills What We Offer:Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.Benefits include:
        • Medical, Rx, Dental & Vision Insurance
        • Personal and Family Sick Time & Company Paid Holidays
        • Position may be eligible for a discretionary variable incentive bonus
        • Parental Leave and Adoption Assistance
        • 401(k) Retirement Plan
        • Basic Life & Supplemental Life
        • Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
        • Short-Term & Long-Term Disability
        • Student Loan PayDown
        • Tuition Reimbursement, Personal Development & Learning Opportunities
        • Skills Development & Certifications
        • Employee Referral Program
        • Corporate Sponsored Events & Community Outreach
        • Emergency Back-Up Childcare Program
        • Mobility StipendAbout GuidehouseGuidehouse is an Equal Employment Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, citizenship status, military status, protected veteran status, religion, creed, physical or mental disability, medical condition, marital status, sex, sexual orientation, gender, gender identity or expression, age, genetic information, or any other basis protected by law, ordinance, or regulation.Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1- or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation. Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.

Keywords: Guidehouse, Potomac , Cybersecurity Analyst, Senior Consultant, Professions , Potomac, Maryland