is an information technology services company that was founded to create innovative forward-leaning solutions to enhance the capabilities of our customers. GCyber engineers have satisfied the technology needs of the U.S. Government for over 20 years. We maintain relationships with key researchers, scholars, and analysts who have specialized expertise in the federal market. GCyber’s broad experience, focus toward desired outcomes, and commitment to innovation ensures responsive and long-lasting results.
The Mid IA Analyst
is responsible for working across teams to evaluate packages for completeness and their readiness to undergo assessment, drive key aspects of continuous monitoring requirements, and contribute to continuous improvements within the FedRAMP program. This effort includes refining processes where needed to attain and maintain FedRAMP certification, leading related communications, and enablement, and managing overall program governance and documentation.
Required Skills and Experience:
- Participate in rapid assessment teams to identify gaps, risks and remediations for information system
- Identify FedRAMP Boundary components in customer deployments
- Coordinate with internal stakeholder engineering teams to demonstrate the implementation of security compliance control implementations for technical, management, and operational requirements
- Perform vulnerability and compliance scanning, when necessary, to analyze results, provide assessments and reviews
- Audit security control to ensure compliance with cloud requirements and governance models
- Support the development of technical material, operational processes, security policies, and other core documents
- Manage compliance metrics
- Manage and track Plans of Action and Milestones (POA&Ms)
Clearance and Certifications:
- Experience writing technical documentation and knowledge of Cloud and Security concepts (including FIPS 199, NIST 800 Series REV 4, FISMA A&A, continuous monitoring, and POA&M management)
- Experience with writing, editing, and/or managing a wide variety of IT security documentation and familiarity with federal IT standards such as Federal Information Security Management Act (FISMA)
- Experience interviewing subject matter experts and using knowledge to develop, edit, and revise documentation including standard operating procedures, system security plans, and policies and procedures.
- Experience with the production and/or editing of technical drawings using MS Visio or similar design tools.
- Understanding of Third-party Assessment Organizations (3PAO)
- FedRAMP (Federal Risk Authorization Management Program)
- FISMA (Federal Information Systems Management Act)
- NIST RMF (Risk Management Framework) Supporting Systems Security Assessment and Authorization (SA&A) for Federal Agencies
- Privacy Impact Assessment (PIA)
- Must have an active TS/SCI clearance
For more information about GCyber please visit our website at http://www.gcyber.com. Also please stay in touch and track future job openings by following us on LinkedIn http://www.linkedin.com/company/gcyber.
By submitting your resume for this position, you understand and agree that GCyber may share your resume, as well as any other related personal information or documentation you provide, with its partners and affiliated companies for the purpose of considering you for other available positions.
GCyber is an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identify, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law.