Security RMF Audit Analyst - Senior

Security RMF Audit Analyst - Senior

Would you like to live and work in a community outside the hustle and bustle of a large metropolitan area but yet close enough to all the big city amenities? The quaint, coastal town of Elizabeth City, NC with plenty of southern charm will make you feel at home in no time! With its unique location in Northeastern North Carolina, it is a short drive full of waterways and woodlands to the beaches of the Outer Banks, the nearby big cities of Hampton Roads, and the entertainment and recreation opportunities of the Virginia Peninsula. Also, Richmond, VA and Raleigh/Durham, NC are three hours away and the Washington, DC metropolitan area is four. Come live the Southern coastal life and experience the satisfaction of supporting the vital and life-saving work of the US Coast Guard.

Position Requirements:

• Recommends information assurance/security solutions to support customers' requirements.
• Identifies, reports, and resolves cyber security violations.
• Designs, develops, engineers, and implements solutions that meet security requirements.
• Provides integration and implementation of the computer system security solution.
• Evaluate and validate technical processes used to support authorization and assessment activities to assure the systems meet the organization's cybersecurity requirements.
• Perform actions as risk management framework for all systems including government cloud.
• Develop training, processes, and procedures to support the transition.
• Assess security risks of systems, applications, processes with emphasis on cybersecurity risks against common control frameworks and regulations.
• Analyzes general information assurance and cyber security-related technical problems and provides basic engineering and technical support in solving these problems.
• Performs vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.
• Experience in functional and systems analysis preferred.
• Will independently perform risk analysis/risk assessments and define security requirements.
• Design, develop, and implement solutions to IT system security requirements.
• Collect and organize technical information about existing security products, authorized vulnerability management policies, and procedures.
• Assists with the Security Controls Auditor in validating the security controls and the Risk Management Framework.
• Conduct an analysis of system vulnerability management, remediation solutions, and develop the necessary POAMs.
• Collaborate with internal and/or external security teams regarding audits and security controls.
• Evaluate, tests, monitor, and maintain information security policies, procedures and systems such as hardware, firmware, and software.
• Ensure security design, controls, and procedures are aligned with information security standards and are appropriate to mitigate risk of exposure.
• Identifies security violations, determines cause, and implements procedures to prevent future incidents.

Education/Qualifications for Senior:

• Bachelor's or associate degree in Computer Science, Math, Information Technology, Engineering, or related field or at minimum IT Certification.
• Two (2) years' experience is equivalent to one (1) years of education.

Certification:

• This is an IAM-II Level/. MUST possess any IAM-II Level or equivalent.

Minimum Qualifications:

• Five (5) years of experience in Information security with auditing and IT controls design experience.
• Five (5) years of experience with Security Information and Event Management (SIEM).
• Five (5) years of experience in the risk management framework.
• SECRET Clearance required.
• Basic knowledge of the following: Active Directory, UNIX, Windows, Relational Databases.