Senior Information Security Analyst
- Full-time
Company Description
Qmulos is recruiting cybersecurity specialists who want to challenge themselves by working with brilliant people to solve some of today’s most important cybersecurity problems. As an emerging cybersecurity software and consulting company in the heart of Washington D.C., we need highly motivated individuals who think of big ideas, work well with others, and can help solve game-changing problems. We need creative people whose intelligence is matched only by their grit. Among only a small group of Silicon Valley-style startups in D.C., Qmulos you’ll work with industry trailblazers and global private-sector and public-sector clients to help solve national security problems.
Job Description
- Research, verify and document information security controls using the Federal Certification and Accreditation (C&A) processes.
- Propose, communicate, and enforce security policies, procedures and methodologies.
- Collect, compile, and report IA and CND metrics relating to Connection Approval Process, Certification and Accreditation Compliance, Information Assurance Vulnerability Management Compliance, Inspection Compliance Status, and FISMA Compliance.
- Analyze reports from vulnerability assessment scanners, patch management tools, and emerging threat information to advise on the risk and remediation of security issues.
- Develop Plan of Action and Milestones (POA&Ms) for identified vulnerabilities to initiate, coordinate and track the patching and remediation of security weaknesses.
- Conduct reviews: security authorization documents, event logs, security incidents.
- Report on security status and security incidents.
- Coordinate Authorization packages.
Qualifications
- Bachelor’s Degree (Preferable: Computer Science, Information Systems, Software Engineering or other related analytical, scientific, or technical disciplines)
- 5-7 years experience in IT security, including Certification and Accreditation and/or IT security risk analysis/advice, preferably in support of the Federal government.
- Knowledge of Federal government C&A practices and policies (Preferable: ICS 503, FISMA, NISP SP 800-53, and DHS 4300)
- 5-7 years experience with information assurance tools preferred
- 5+ years experience working directly with a federal client
- CISSP (Preferred)
- Ability to work independently and also collaborating closely with project managers, engineers, and others
- Working knowledge of Ongoing Authorization with in the NIST Framework
- Excellent written and oral communication skills
Additional Information
All your information will be kept confidential according to EEO guidelines.