Junior Security Compliance Analyst
Summary
Title: | Junior Security Compliance Analyst |
---|---|
ID: | 1111 |
Location: | Garner, NC |
Department: | Application Development |
Description
Do you have the qualifications and desire to start a career in information security, but need experience? WingSwept is looking for a Junior Security Compliance Analyst to assist in documenting, maintaining, developing, and coordinating compliance efforts across our company. This is an entry-level position with ample room for growth.
If this sounds like a good fit for you, please apply today!
Equal Opportunity Employer M/F/Disabled/Veteran
The responsibilities of the position will include:
- Become familiar with the various compliance programs at WingSwept
- Participate in all steps of the Security Authorization and Assessment process for FISMA, FedRAMP, HIPAA systems.
- Participate to develop and maintain system security documentation, including drafting, reviewing, editing and recommending guidance
- Ensure all needed policies and procedures for compliance efforts are written and maintained
- Develop and review system security authorization documentation such as security plans, risk assessments, and security control test reports, contingency plans, and responses to third-party questionnaires and audits
- Assist to maintain all documentation as needed/required
- Participate in security control assessments and audits
- Stay informed of changes to compliance programs
- Gather and maintain artifacts to prepare for audits
- Coordinate with other staff members to ensure POA&Ms are addressed in the required timeline
- Assist to review Security and Compliance scans for remediation by system administrators
- Assist to review and validate Plan of Actions & Milestones (POA&Ms) for each non-compliant control for each managed IT System prior to authorizing closure
- Proper documentation to support the POA&M lifecycle shall be filed and updated as required, including well documented waivers and exceptions detailing the potential risk to the Authorizing Official
- Participate in Cyber Security Incident Response Processes, incident investigations and audit reporting requests
- Ensure appropriate training is given and tracked for staff to meet compliance controls
- Develop a thorough understanding of all configurations, architecture, installed software, accounts (both Operating System and Application), data flows, ports, protocols, and other relevant data for each covered IT System
- Perform as an individual contributor but may oversee or provide direction for work performed by other parties
- Document compliance activities
- Compliance documentation for client requests
- Participate in Information Security Committee meeting to include agenda prep, meeting minutes
- Continuous monitoring documentation
- Associate's degree
- Strong writing skills are required
- Strong analytical and problem-solving skills
- Strong detail orientation, follow-through capabilities, and escalation of key issues
- Able to manage multiple issues at one time
- Work effectively in a dynamic environment where shifting priorities frequently alters work plans
- Highly self-motivated and directed with a desire to learn
- Able to work in a team-oriented, collaborative environment
- Excellent time management and related organizational skills, including appropriate sense of urgency, dependability, a proactive approach, and a suitable ability to anticipate and manage multiple project lifecycle events, issues and obstacles
- Strong organization and coordination skills to work effectively in a multidisciplinary team setting
- High comfort level and understanding of technology
- Experience with Risk Management Framework (RMF), POA&Ms, Security Authorization and Assessments
- Experience conducting and documenting vulnerability assessments
- Knowledge of and experience with NIST SP 800-53, 800-53A, and 800-37
- Understanding of FISMA compliance
- Understanding of FedRAMP
- Experience with Nessus scans, or similar tool
If this sounds like a good fit for you, please apply today!
Equal Opportunity Employer M/F/Disabled/Veteran
This opening is closed and is no longer accepting applications