Summit Technologies Inc. is seeking an Information Systems Security Analyst to support our government client. The Information Systems Security Analyst will support IT management with control assessment, development, and maintenance, and risk assessment and response development.
This is a hybrid role based in Washington, DC. Candidates must be eligible for a Public Trust clearance.
Duties Responsibilities:
- Develop and maintain IT security controls per NIST SP 800-53 and Agency Security Policy standards.
- Collect and validate control implementation statements from subject matter experts.
- Consult with experts to ensure work instructions align with agency security standards.
- Conduct risk assessments for security issues and propose resolutions.
- Communicate and document control deficiencies for POAM consideration.
- Support Continuous Security Monitoring for compliance with agency security policy.
- Assist in developing security policies to ensure compliance.
- Conduct security reviews for changes impacting hardware, software, baselines, connections, or applications.
- Review and assess POAM outputs and recommend additional work or closure.
- Support IT Governance, Risk, and Compliance activities, including standards management.
- Provide information for status reports, briefings, schedules, and project plans in written and oral form.
- Stay updated on IT trends and security standards.
- Provide high-quality deliverables with minimal edits, quick review, and feedback on federal security doctrine.
- Experience with NIST Risk Management and Cybersecurity Framework, FISMA, NIST 800-53, and IT control processes.
- Familiarity with GRC frameworks/tools (RSAM, CSAM) and SAA tools (Xacta).
- Knowledge of cyber-attack patterns, Tactics, Techniques, and Procedures.
- Ability to adapt security processes and tools to evolving landscapes and risk scenarios.
- Understanding of PKI, encryption, hashing techniques, and OMB circulars A-123, A-130.
- Fluency in spoken and written English for technical content.
- Experience working in a fast-paced environment.
- Possess outstanding customer service skills.
- Ability to explain complex policies in simple terms.
- Excellent analytical thinking and problem-solving skills.
- Bachelor degree with five years relevant IT experience or
- Graduate degree with three years relevant IT experience.
- One of the following security certifications (CISSP, CISM, Security+).
- All candidates must be eligible to obtain a Public Trust Clearance.
- Updated resume including MM/YYYY for each employer.
- Best times/dates to interview (plus phone # you can best be contacted at).
- Availability to start once given formal offers.