Job posting has expired

Security - Cybersecurity & Privacy Compliance Analyst (Sr.)

Quadrant, Inc.
Apr 09, 2025
Sr. Cybersecurity & Privacy Compliance Analyst

Rosslyn, VA

Pay From: $100,000 Per Year

MUST:

Experienced Cybersecurity & Privacy Compliance Analyst

Active Secret Clearance required

Certification in at least one of the following

CISSP (Certified Information Systems Security Professional)

CASP (CompTIA Advanced Security Practitioner)

CGRC (Certified in Governance Risk and Compliance)

3-5 yrs Experience as an Information Systems Security Officer or Manager

3-5 yrs Experience with using cybersecurity tools such as Splunk, CrowdStrike, and Qualys

3-5 yrs Experience with hardening servers, workstations, routers, switches, and mobile devices in accordance with CIS or STIG guidance

Must have a solid understanding of NIST RMF, NIST CSF, and similar IT Compliance and Privacy regulations

Solid understanding of cloud security architecture within multiple cloud services (AWS, GCP, Azure)

BS in Computer Science, Mathematics, Information Management, or related field

DUTIES:

Responsible for performing all functions required to support day-to-day security compliance operations to enable the organization to continually demonstrate compliance with the NIST Risk Management Framework (RMF), Cybersecurity Framework (CSF) and Privacy Framework

Function as an Information Systems Security Officer (ISSO) assisting in the implementation of security programs to assess and minimize the impact of system and program level cybersecurity and privacy risks

Develop and maintain assessment and authorization artifacts needed for the agency's authority to operate (ATO) in accordance with the most current federal FISMA requirements under SP 800-37 and implement SP 800-53 required security and privacy controls, policies, and procedures (e.g., security plans, privacy artifacts, disaster recovery plans, business continuity, plan of actions and milestones, etc.)

Lead FISMA audit data gathering and response activities

Review and provide recommendations for security risk exceptions

Lead development of Plans of Actions and Milestones and track progress towards completion

Review and coordinate response to CISA issued Emergency Directives, Binding Operational Directives, and other data calls

Analyze reports from security and privacy monitoring tools such as vulnerability scanners, SIEM tools, Endpoint Detection and Response tools, Data Loss Prevention, and Phishing/Spam email filtering tools and coordinate corrective actions with Information Technology team members

Ensure uniform controls for the secure configuration of technical assets are implemented, including mobile computers and devices (i.e., laptops, iPads, iPhones), according to Federal recommendations and requirements (e.g., CIS Benchmarks, DISA STIGs, etc.)

Prepare monthly reports and dashboards that detail security and privacy program metrics, vulnerability and configuration findings, provide recommendations for remediation, and time frames by which remediation activities should be completed

Perform security reviews of proposed applications/technologies and changes to production applications/technologies to provide recommendations for security & privacy control requirements and/or approval for usage

Collaborate with key customer stakeholders to formulate comprehensive security strategies and implementation procedures in response to findings


Quadrant is an affirmative action/equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, status as a protected veteran, or status as an individual with a disability. "Healthcare benefits are offered to all eligible employees according to compliance mandated by the Affordable Care Act".
