WORK@WINGSWEPT

Grow Your Career With Us

Working at WingSwept >> Junior Security Compliance Analyst
Junior Security Compliance Analyst
Summary
Title:Junior Security Compliance Analyst
ID:1111
Location:Garner, NC
Department:Application Development
Description
Do you have the qualifications and desire to start a career in information security, but need experience? WingSwept is looking for a Junior Security Compliance Analyst to assist in documenting, maintaining, developing, and coordinating compliance efforts across our company. This is an entry-level position with ample room for growth.


The responsibilities of the position will include:

  • Become familiar with the various compliance programs at WingSwept
  • Participate in all steps of the Security Authorization and Assessment process for FISMA, FedRAMP, HIPAA systems.
  • Participate to develop and maintain system security documentation, including drafting, reviewing, editing and recommending guidance
    • Ensure all needed policies and procedures for compliance efforts are written and maintained
  • Develop and review system security authorization documentation such as security plans, risk assessments, and security control test reports, contingency plans, and responses to third-party questionnaires and audits
  • Assist to maintain all documentation as needed/required
  • Participate in security control assessments and audits
  • Stay informed of changes to compliance programs
  • Gather and maintain artifacts to prepare for audits
  • Coordinate with other staff members to ensure POA&Ms are addressed in the required timeline
  • Assist to review Security and Compliance scans for remediation by system administrators
  • Assist to review and validate Plan of Actions & Milestones (POA&Ms) for each non-compliant control for each managed IT System prior to authorizing closure
    • Proper documentation to support the POA&M lifecycle shall be filed and updated as required, including well documented waivers and exceptions detailing the potential risk to the Authorizing Official
  • Participate in Cyber Security Incident Response Processes, incident investigations and audit reporting requests
  • Ensure appropriate training is given and tracked for staff to meet compliance controls
  • Develop a thorough understanding of all configurations, architecture, installed software, accounts (both Operating System and Application), data flows, ports, protocols, and other relevant data for each covered IT System
  • Perform as an individual contributor but may oversee or provide direction for work performed by other parties
  • Document compliance activities
  • Compliance documentation for client requests
  • Participate in Information Security Committee meeting to include agenda prep, meeting minutes
  • Continuous monitoring documentation
Minimum Qualifications:
  • Associate's degree
  • Strong writing skills are required
  • Strong analytical and problem-solving skills
  • Strong detail orientation, follow-through capabilities, and escalation of key issues
  • Able to manage multiple issues at one time
  • Work effectively in a dynamic environment where shifting priorities frequently alters work plans
  • Highly self-motivated and directed with a desire to learn
  • Able to work in a team-oriented, collaborative environment
  • Excellent time management and related organizational skills, including appropriate sense of urgency, dependability, a proactive approach, and a suitable ability to anticipate and manage multiple project lifecycle events, issues and obstacles
  • Strong organization and coordination skills to work effectively in a multidisciplinary team setting
  • High comfort level and understanding of technology
Additional Consideration Given:
  • Experience with Risk Management Framework (RMF), POA&Ms, Security Authorization and Assessments
  • Experience conducting and documenting vulnerability assessments
  • Knowledge of and experience with NIST SP 800-53, 800-53A, and 800-37
  • Understanding of FISMA compliance
  • Understanding of FedRAMP
  • Experience with Nessus scans, or similar tool

If this sounds like a good fit for you, please apply today!

Equal Opportunity Employer M/F/Disabled/Veteran

Alternatively, you can apply to this job using your profile on one of the following sites:


Powered by ApplicantStack