logo

Career Opportunities

Security Policy/Compliance Analyst (Mid Level)

Job Location: Woodlawn, MD
Positions Available: 2
Hours per Week: 40+
Years of Experience: BS 8 years or MS 6 years
Education:
Benefits:
Job Description:

We are seeking a Security Policy/Compliance Analyst who will develop and implement Security Policy and/or validate Security Compliance against policies to help improve the client’s ability to reduce the impact of security threats. The Security Policy/Compliance Analyst will assist in prioritizing, defining strategy and managing identified security Plans of Action and mitigation (POAMs). May analyze and prioritize the outcomes to develop mitigation strategies utilizing current security platforms or recommendations for new security architectures. The Information Systems Security Policy/Compliance Analyst keeps current on advances in the field of Federal IT, and provides analytical guidance to the project team. The Information Systems Security Policy/Compliance Analyst may act as a customer contact for technology, lead technical review sessions with customer.


The qualified applicant will become part of Northrop Grumman's Information technology support services contract for the SSA.


Description of Work:

• Perform as a Security Policy/Compliance analyst

· Work onsite with the customer’s technical teams and leadership to build relationships and find ways to leverage and maximize technical investment recommendations

· Assist with RFP technical proposal responses, as needed

· Assist Cloud Architects in establishing a strategy and approach to transform customer infrastructure and development environment to a Cloud based solution

· Developing Security Policies and/or ensuring Security Compliance for Cloud implementations

· Drive security requirements for the customer, integrating multiple capabilities and scenarios supporting the cloud implementations

· Provide Security Policy and/or Security Compliance expertise to managers and technical staff, and the customer

· Function as a Security Policy and/or Security Compliance expert on project assignments, and must possess the ability to apply a comprehensive knowledge across key tasks and high impact assignments.

· Plan and lead Security Policy and/or Security Compliance assignments, with the potential to supervise others in doing so.

· Demonstrates strong oral and written communication skills, with the ability to communicate technical topics to management and non-technical audiences, as well as interface with the senior customers on a daily basis

· Ensure HIPAA violations do not occur within the program by taking a proactive role in the constant vigilance and rigor to emphasize HIPAA compliance throughout all levels of the program (systems, personnel, and data). To be fully aware of all PHI/PII within their respective program and how it is protected.


Basic Qualifications:

Minimum knowledge, skills, abilities.

· Bachelor’s degree in Business, Computer Science, Information Technology, Information Systems, Systems Engineering, or related disciplines and 6 years of experience; Master’s degree in Business, Information Technology, Information Systems or related disciplines and 8 years’ experience; or 13 years of experience will satisfy the education and experience requirement.

· 5+ years of experience working as a Security Policy or Security Compliance as a Cyber Security, IT Security, or Information Assurance analyst

· 3+ years of experience with developing security policies, processes, and procedures in the federal government

· 3+ years of experience with assessing new security laws, policies, or standards to determine program-level impact

· 3+ years of experience with the NIST Risk Management Framework and SP 800 issuances, continuous monitoring, and information system security policies, standards, and procedures

· Must have a solid understanding of cloud deployment, security policy requirements and assessments, and service models as defined by the National Institute of Standards and Technology (NIST).

· Ability to perform an IT audit and develop a comprehensive risk assessment process; on multiple CSPs and services offerings such as Microsoft Office 365 and SharePoint.

· Ability to obtain a position of public trust.

· Must be US Citizen or US Permanent Resident



Preferred Qualifications:

Candidates with these skills will be given preferential consideration.

  • Bachelor’s degree in Business, Computer Science, Information Technology, Information Systems, Systems Engineering, or related disciplines and 9 years of experience; Master’s degree in Business, Information Technology, Information Systems or related disciplines and 7 years’ experience; or 13 years of experience will satisfy the education and experience requirement.
  • 5+ years of experience working as a Security Policy or Security Compliance as a Cyber Security, IT Security, or Information Assurance analyst
  • 3+ years of experience with developing security policies, processes, and procedures in the federal government
  • 3+ years of experience with assessing new security laws, policies, or standards to determine program-level impact
  • 3+ years of experience with the NIST Risk Management Framework and SP 800 issuances, continuous monitoring, and information system security policies, standards, and procedures
  • Must have a solid understanding of cloud deployment, security policy requirements and assessments, and service models as defined by the National Institute of Standards and Technology (NIST).
  • Ability to perform an IT audit and develop a comprehensive risk assessment process; on multiple CSPs and services offerings such as Microsoft Office 365 and SharePoint.
  • Ability to obtain a position of public trust.
  • Must be US Citizen or US Permanent Resident
Other:
 

 

 

Scientific Systems and Software International Corporation
5523 Research Park Drive, Suite 260 - Baltimore MD 21228 - 410-715-5700
Copyright © 2008 SSSI. All rights reserved.