Zero Trust Cyber Security Analyst

Cyber Security Specialist – With Zero Trust
Job Summary
The Cyber Security Specialist will be responsible for supporting the recommendations for the implementation of Zero Trust Architecture within a broader enterprise risk management program. The Specialist will be responsible for providing subject matter expertise, direction, guidance, tracking and support on multi-factor authentication, security engineering, cyber security, risk management, continuous monitoring, and business processes that support a metric-driven environment. The Specialist will work directly with our client’s information system security officers (ISSO)s in support of the implementation of zero trust architecture, and attainment of enterprise-wide program objectives. The successful candidate will have in depth knowledge of NIST SP 800-53 and Risk Management Framework. Additionally, in this role, the employee will support efforts to improve overall security practices by raising general information security awareness and best security practices.

LOCATION: Remote
SALARY RANGE: $110,000 - $120,000 (based on education and years of experience)
JOB RESPONSIBILITES

• Support development of a baseline multi-factor authentication inventory
• Support development of whitepapers, roadmaps, summaries of opportunities, and other Zero Trust related documentation
• Document assessment activities and results in sufficient detail in monitoring database to enable external review of all assessment processes, artifacts, activities, results, and conclusions.
• Evaluate the impact on system security of proposed changes and reporting on that impact to the Information System Owner and the agency Cybersecurity Program Manager.
• Identify, in conjunction with the change management board (CMB), pending system or environmental changes that may necessitate recertification and reaccreditation of the system.
• Provide monthly artifact tracking and metrics information.
• Provide guidance to key stakeholders on the necessary components to demonstrate the achievement of objectives.
• Serve as a consultant to information system security owners, providing expertise with respect to risks and controls, analyzing the impact of process changes on the control structure, and driving solutions to process owner barriers.
• Effectively utilize leading practices, frameworks, methodologies such as NIST, COBIT, ISO, ITIL, etc.
• Other duties as assigned.

REQUIRED EXPERIENCE

*
Experience/Skills: *

• 5-7 years of full-time work experience in IT risk management
• 5 years of experience with Federal Government security processes and procedures, specifically Assessment and Authorization, continuous monitoring, and FISMA compliance.
• Familiarity with Cyber Security Assessment and Management tool (CSAM) a plus
• Strong Familiarity with NIST SP 800-53 guidance and Risk Management Framework principles
• Proven ability to lead groups, manage project deliverables, and maintain client relationships.
• Exceptional interpersonal skills, including teamwork, facilitation, and negotiation.
• Strong leadership skills: ability to function effectively in a dynamic environment.
• Must be detail-oriented with excellent analytical, technical, and organizational skills.
• Excellent written, verbal, presentation, and facilitation skills.
• Proficient in the assessment of control design and operational effectiveness.
• Proficient in Microsoft Excel, Word, PowerPoint, and Visio.
• Proven ability to interface effectively across all levels of management.
• Proven time and project management skills

Clearance Required: Public Trust minimum, higher a bonus

Industry certifications: Not required but a bonus. Examples are such as CISSP, CISA, CISM, ITIL, CRISC, SANS GIAC, Security +, etc.

Job Type: Full-time

Pay: $110,000.00 - $120,000.00 per year