Cloud Systems Security Analyst

Overview:

The Security Analyst works within Scrum Agile DevOps teams to ensure that appropriate security controls are included in the design and implementation, data is appropriately protected, and separation of duties is maintained appropriately across all client systems.

If you have technical experience and a passion for making a difference, we might be the right fit for you.

Responsibilities:

• Assist in the design of systems, networks and applications to integrate security protections and features required of applicable security controls.
• Prepare all security documentation required in each step of the RMF process such as System Security Plan (SSP) and security control implementation for NIST SP 800-53 for the information system and ensure its entry into GRC systems (e.g., Archangel, Xacta, or similar)
• Represent the system owner through the assessment process to demonstrate security implementation and control compliance.
• Perform analysis of proposed changes, performing security impact and risk assessments to guide System Owners and Chief Information Security Officers in decision making.
• Perform monitoring of access control, network and system logs, anti-virus and related security threat detection systems.
• Review results of vulnerability assessments assisting customers to prioritize remediation based on risk, implement means to track and report progress.
• Manage and report on security incidents, conducting analysis and assisting operations personnel to contain and recover.
• Schedule and conduct incident response and contingency plan tests.
• Update System Security Plans and Contingency Plans to address changes in the environment, policy and standards.
• Manage the Plan of Actions and Milestones (POA&M) updating based on remediation performed, changes to planned corrective actions and adding new risks detected through monitoring.
• Conducts research on emerging products, services, protocols, and standards in support of security enhancement efforts.
• Supports information security procedures to safeguard against leakage of confidential data and unauthorized access to network environments.
• Works as part of a matrixed team of security professionals, participating with implementation Scrum teams.
• Performance of other duties as assigned.

Qualifications:

Minimum Qualifications:

• BA/BS degree and 3+ years of relevant work experience
• Experience implementing systems the NIST Risk Management Framework end-to-end through all steps (0-6) for Moderate and/or High Impact systems in the cloud, implementing NIST SP 800-53 rev4 and FedRAMP parameters.
• Experience working with cloud services, specifically one or more of Google Cloud Platform (GCP), ServiceNow, Microsoft Azure, Amazon Web Services (AWS), Unqork, or similar.
• Knowledge of business impact analysis methodologies
• Strong analytical and problem-solving skills
• Ability to adapt to potentially ever-changing situations and ability to work well under pressure
• Knowledge of policy, standards and procedure documentation, and policy maintenance
• Ability to present self in a confident and professional manner
• Ability to deal with all levels of individuals, internal and external
• Excellent communication skills, both written and verbal
• Excellent customer service skills

• Prior experience working with federal government clients.
• CISSP, CAP, CISM or CCSP certifications

Clearance Requirements:

• Must have an Active Secret clearance

About Acuity:

Acuity, Inc. is a leading management and technology consulting firm that specializes in serving the federal government. Our innovative, collaborative and rewarding work environment has earned repeat honors from the Washington Business Journal’s Best Places to Work and SmartCEO Corporate Culture awards.

• Innovative Excellence: Recognized by The Washington Post's "Top Workplaces" and a nine-time recipient of the Washington Business Journal's "Best Places to Work," Acuity fosters an environment where innovation thrives and employees flourish.
• Competitive Compensation: We value our employees and show it through highly competitive compensation and benefits packages.
• Personal Growth: Your potential isn't just recognized at Acuity, it's actively cultivated. With tailored training, mentorship, and cutting-edge resources, we empower you to thrive personally and professionally.
• Recognition and Visibility: Stand out in a competitive industry with Acuity's exceptional customer feedback and robust opportunity channels.
• Collaborative Culture: At Acuity, teamwork isn't just a buzzword – it's the cornerstone of our success. Encouragement and support fuel our collaborative culture, where every voice matters.
• Diversity and Inclusion: Diversity isn't just a checkbox – it's who we are. At Acuity, we pride ourselves on recruiting and maintaining a workforce that celebrates diversity and treats every employee with dignity and respect.

Join Acuity, where your talents are valued, your growth is nurtured, and your impact is amplified. Together, let's shape the future of digital strategy and technology consulting.

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law.

#LI-JF1