
Mazars USA - Information Security Senior FISMA Analyst – Deputy Team Lead

Date Posted: 3/22/2018

Description

Seeking a security professional with experience in managing, implementing and communicating Federal Information Security Modernization Act (FISMA) compliance for the Federal government.  The Senior Analyst is responsible for helping to build and mature the agency’s Information Security Program by focusing on the Risk Management and Security Authorization activities in accordance with the applicable National Institute of Standards and Technology (NIST) 800 series guidelines and the Federal Information Processing Standards (FIPS).  The Analyst will report to the Team Lead while serving as the Deputy Team Lead.  He/she will perform and manage tasks related to the entire Assessment and Authorization (A&A) lifecycle.

Responsibilities

  • Serve as Deputy Team Lead by working closely with the A&A team members on ensuring quality and consistency across daily operational activities and tasks.  Work closely with the Team Lead to report on operations while engaging in ad hoc and proactive tasks required to improve the overall performance of the A&A Program.
  • Ensure that all key reports and metrics are effectively communicated to the team members and Management, as well as across the entire Agency.
  • Train and assist System Owners, ISSOs and other stakeholders in understanding documentation and reporting requirements.  Review completed templates to ensure completeness and accuracy.
  • Develop and update the information systems security documentation templates (e.g. System Boundary development, System Security Plan (SSP), Contingency Plan, Contingency Plan Test, Business Impact Analysis, FIPS-199, eAuthentication, Privacy Threshold Analysis, etc.) based on changing NIST and federal guidance
  • Respond to multiple customer inquiries regarding A&A utilizing a ticketing system; ensure timely and complete responses occur
  • Help coordinate remediation of Plan of Action and Milestones (POA&M) across the organization
  • Develop and process waivers and exceptions for information system weaknesses and vulnerabilities
  • Develop capabilities briefings and presentations in support of the program
  • Coordinate with ISSOs across the organization to ensure timely compliance with Federal and organizational policies and procedures

Requirements

  • Ability to obtain a public trust
  • BS or BA degree
  • Detailed knowledge of NIST security standards and compliance measurements
  • Extensive working experience in the application of FISMA guidelines including the NIST special publications 800-18, 800-30, 800-37, 800-39, 800-53, 800-53A, and 800-60
  • Leadership and/or Management of an A&A Team in a Federal Agency
  • Strong customer-service attitude, ability to multi-task and work independently
  • Strong in-person, writing and verbal communication skills
  • 7+ years of experience in information security, FISMA, A&A, risk management, or a related discipline
  • 10+ years of overall experience
  • High aptitude for learning (self-study and as a part of a team)

Desired Qualifications

  • Understanding and implementation of Ongoing Authorization and Continuous Monitoring
  • Experience with Archer GRC solution

 Please apply here on the MAZARS website.
