Information Security Analyst, Information Assurance RMF


Job Location:

Alexandria, VA - USA

Monthly Salary: Not Disclosed
Posted on: 13 hours ago
Vacancies: 1 Vacancy

Job Summary

Information Security Analyst, Information Assurance/RMF
Active Secret Required
Hybrid schedule
CISSP, CAP, or CISM certification required


Nationwide IT Services (NIS) is seeking an Information Security Analyst/Information Assurance/RMF for the following potential opportunity.

Core Responsibilities:
  • Support the execution of the full cybersecurity and RMF lifecycle for DoD and Federal systems, with emphasis on security control implementation, assessment, authorization, and continuous monitoring activities.
  • Perform vulnerability scanning and compliance validation, including but not limited to ACAS scanning, STIG assessments, SCAP validation, and configuration compliance checks.
  • Analyze vulnerability scan results, identify false positives, assess risk severity, and support remediation planning in coordination with engineering and operations teams.
  • Track, document, and manage remediation activities and Plans of Action and Milestones (POA&Ms) through closure, ensuring alignment with mandated timelines and risk tolerance.
  • Support RMF authorization activities, including initial ATOs, ATO renewals, significant change packages, and continuous authorization (cATO) efforts.
  • Support and execute Information Security Continuous Monitoring (ISCM) activities, including vulnerability trend analysis, control effectiveness validation, configuration drift monitoring, and security posture reporting.
  • Support the implementation and monitoring of Zero Trust security principles at a system level, including identity awareness, least privilege access, and continuous validation of users, devices, and workloads.
  • Prepare, review, and maintain cybersecurity and authorization artifacts in eMASS, including but not limited to:
    • System Security Plans (SSPs)
    • Security Assessment Reports (SARs)
    • Plans of Action and Milestones (POA&Ms)
    • Control implementation narratives and supporting evidence packages
  • Conduct security control assessments and support independent verification and validation activities.
  • Assist with the implementation and maintenance of security controls aligned with NIST SP 800-53 and DoD cybersecurity requirements.
  • Coordinate with system owners, cybersecurity engineers, and program leadership to communicate security findings, risks, and remediation status.
  • Support cybersecurity audits, inspections, and Cyber Operational Readiness Assessments (CORA), ensuring accurate documentation and evidence traceability.
  • Assist in maintaining compliance with applicable cybersecurity policies, including FISMA, DoD RMF, DoD Zero Trust guidance, and the DoD Cloud Computing Security Requirements Guide (CC SRG).
Qualifications:
  • Active Secret clearance required.
  • Five or more years of experience in information security, information assurance, or cybersecurity operations, with experience supporting RMF-based programs.
  • Hands-on experience performing vulnerability scanning and compliance assessments using tools such as ACAS, STIG Viewer, and SCAP Compliance Checker.
  • Experience supporting RMF documentation and authorization packages, including SSPs, SARs, and POA&Ms.
  • Working knowledge of NIST SP 800-53, NIST RMF, and DoD cybersecurity policies.
  • Experience using eMASS to support RMF lifecycle activities and track authorization artifacts.
  • Familiarity with cloud security concepts and environments such as AWS GovCloud or Microsoft Azure Government.
  • One or more cybersecurity certifications required, including CISSP, CCSP, CISM, and CASP (renamed SecurityX).
Preferred Qualification:
  • Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or a related field.

About Nationwide IT Services
NIS is an IT and Management consulting company that is a CVE-verified Service-Disabled Veteran-Owned Small Business. Our mission is to deliver value-added services to our customers, leveraging technology, people, and industry best practices to implement innovative solutions through our trusted employees and team members.


Our benefits package includes medical, dental, and vision insurance; life and disability insurance; 401(k) plan with employer match; paid holidays; PTO (sick/vacation); commuter benefits; employee assistance program (EAP); and educational reimbursement, along with Pet Insurance.

Nationwide IT Services Inc. provides equal employment opportunities (EEO) to all qualified applicants regardless of race, color, religion, sex, national origin, sexual orientation, gender identity, genetics, disability, or protected veteran status.

Required Experience:

Manager


Key Skills

  • IT Experience
  • Splunk
  • IDS
  • Cybersecurity
  • FIPS
  • PCI
  • NIST Standards
  • Information Security
  • Encryption
  • FISMA
  • RMF
  • SIEM