BRTRC Risk Management Analyst in Washington, DC, District Of Columbia
BRTRC Federal Solutions is seeking a Risk Management Analyst who will provide support to a large government customer for a multi-year contract.
The selected candidate will perform annual assessment support with in-depth technical security assessments and determine deviations from acceptable configurations, enterprise or local policy, assess the level of risk, and develop and/or recommend appropriate mitigation countermeasures in operational and non-operational situations.
Ideal candidates should have a solid understanding and demonstrated experience with security concepts and frameworks such as the NIST Risk Management Framework (RMF), NIST 800-53 control sets, and general cyber security practices
This is a full-time salaried position, located in Washington, DC.
The analyst will participate in continuous monitoring activities for Information Systems including review of system and application security threats and vulnerabilities, assessment of the robustness of security systems and designs, and remediation plans. The successful candidate will also evaluate how changes to system configurations will impact the security posture and provide guidance to system owners and internal stakeholders on mitigation strategies. Candidates should be analytical, have a strong technical ability, effective task management skills and the ability to communicate effectively. They will be required to maintain security documentation and be able to bridge the gap between technical details and a non-technical audience.
Ability to understand how system level changes can impact the levels of risk to the organization
Knowledge of IA principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
Demonstrated analytical problem solving and troubleshooting ability
Strong written and oral communication skills, and the ability to communicate technical information to a non-technical audience
Produce complete, accurate, and timely findings reports
Attention to detail
Ability to work independently and in a team
Associate's or Bachelor’s degree in a computer related field such as Computer Science, Engineering, Information Technology, Cybersecurity, or others
At least three (4) years of professional experience in with DIACAP or Risk Management Framework in a government setting
Ability to pass Government background check
Excellent customer service and organization skills
Preferred Education, Credentials and/or Experience:
Prior experience with compliance domains (NIST 800-53, NIST Cyber Security Framework, etc.)
Desired Certifications: CISSP, CRISC, or related.
Desired Software Experience: CSAM, Log Management tools, SIEM
Knowledge of enterprise level design, defense in depth techniques, and current threats and trends in Information Security
Compensation and Benefits:
We provide an excellent compensation package with benefits that include medical, dental, vision, short- and long-term disability, and life insurance. We also provide a generous 401(k) plan following eligibility.
External Company URL: www.brtrc.com
Post End Date: 3/31/2020