This job has expired, please see additional jobs below
Security Analyst
Grant Thornton
Alexandria, VA, United States
Job Details - this job has expired, please see similar jobs below
Description
Grant Thornton is seeking a security analyst practitioner with at least 3 years of experience in the Federal and Public Sector environments. Grant Thornton is expanding their Information Assurance and Cybersecurity practice into a proactive and holistic approach at both the execution and CXO levels to both maintain compliance and stay ahead of the latest evolving cybersecurity threats. Achieving the Authorization to Operate (ATO) and FedRAMP authorization for cloud-based solutions is both essential and challenging for Federal clients. A security analyst is essential for determining applicable controls, developing ATO documentation, and supporting all phases of the Risk Management Framework.
At Grant Thornton, our professional staff applies traditional, cutting-edge approaches and methods to a variety of analyses. As part of our team, the Senior Associate will utilize various methodologies and models to execute client projects.
ESSENTIAL DUTIES:
• Creation of system security plans to include content and development of control implementation description responses.
• Mapping of NIST security controls via the SP800-53 series to systems under FISMA or FedRAMP requirements.
• Creation of the FIPS-199 content for the categorization of systems under FISMA and FedRAMP requirements.
• Support to billable projects and clients for security compliance planning and documentation.
• Creation of evidence and artifact repositories for system security plans tracking to applicable security controls.
• Planning and leading system security plan approaches for development of Authorization to Operate (ATO) packages
• Collaboration with security engineers and architects to ensure all controls are met through the design and build process.
• Collaboration with systems engineers and architects for adjustments to design build activities to meet security controls and standards.
• Support to security architect activity to meet security controls objectives.
• Participation in client projects as a security Subject Matter Expert (SME)
• Participation in proposal development as a security SME
• Meet or exceed targeted billing hours (utilization).
• Assist with business development activities, such as proposals, capture, account teams, whitepapers, conferences, and/or other thought leadership materials.
Qualifications
• Top Secret Clearance required
• Preferred Certifications: CISSP, CISM, Security+
• Must be familiar with FISMA and FedRAMP with a solid understanding of the NIST Special Publications (SP) and Federal Information Processing Standards (FIPS) series.
• Must have a basic understanding of information technology, networking, and cloud architectures.
• Basic understanding of operating systems and security baselines (e.g. DISA STIG, CIS, USGCB)
• Bachelor’s Degree required from an accredited college or university in a related field.
• Ability to obtain and maintain certain job-related certifications if no job-related advanced degrees.
• U.S. citizenship may be required. Ability to work in the United States indefinitely required.
• Travel may be required.
• Ability to work overtime required on occasion.
• Ability to sit in an office environment for long periods of time.
• Ability to obtain and maintain a security clearance.
• Ability to communicate clearly in writing and verbally.
• Ability to obtain and maintain firm independence and abide by firm ethics requirements.
• Meet or exceed continuing professional education (CPE) requirements.