Job Title : Senior Information Security Analyst
Supplier Name : Accede Solutions
Job Location : Columbia, MD (2 day work from office and 3 days work from home )
Duration : 6 month (Contract to Hire)
Shift : Monday to Friday (Business Hours)
Rate/Day : $47-55/hr. on W2(Without Benefits) after conversion the salary would be $90-$110k/yearly along with benefits.
Job Description:-
As a Senior Information Security Analyst , you will be a key member of our security team, responsible for safeguarding our organization's systems and data from cyber threats. Your primary focus will be assessing security risks, developing and implementing security measures, and ensuring compliance with regulations, contractual requirements, and established policies and standards. You will play a crucial role in supporting our Federal business teams and must have an understanding of Fed RAMP, NIST 800-53, HIPAA, and/or FIPS. This role requires expertise in cyber security practices, excellent analytical skills, and the ability to collaborate effectively with cross-functional teams. Our preferred candidate will have experience with one or more Federal agencies including CMS, HHS, or HRSA.
This role is expected to be in the office two days per week so only candidates within reasonable commuting distance to our Columbia, MD, or West Des Moines, IA office locations will be considered.
Essential Functions
· Develop and implement security standards, policies, and procedures to safeguard resources ensuring compliance with HIPAA, NIST, Fed RAMP, and/or HITRUST requirements.
· Evaluate security and privacy risks by balancing business drivers, best practices, and external drivers. Provide proactive solutions or recommendations through collaboration across business units.
· Security Operations and Vulnerability Management
· Support vulnerability management activities. Validate creation, documentation, and completion of Plans of Action and Milestones (POA&Ms)
· Lead computer security incident response efforts including but not limited to preparing executive summaries, recommending mitigation strategies, and tracking remediation efforts.
· Facilitate BCP/DR planning including coordination of documentation and testing.
· Lead the creation and ensure the ongoing maintenance of documentation for multiple systems including but not limited to risk assessments, privacy impact assessments, and security plans. Validate compliance of documentation with government and industry standards.
· Maintain accurate and up-to-date documentation of incidents, tickets, vulnerabilities, and compliance activities.
· Work closely with Federal contract teams to ensure implementation of security controls and best practices as required by the contract.
· Stay current with industry trends, emerging threats, security technologies, and pertinent regulations.
· Provide guidance and mentorship to junior members of the security team.
· Be timely with response, use professional communication, and approach vulnerability and risk management from the perspective of business enablement.
Requirements
· 5-7 years of work experience in IT in one or more areas of infrastructure, application development, database, and systems management
· 3 or more years of experience must be in an information security role with demonstrated working knowledge of information security, federal and state rules and regulations, company/business unit operations, compliance policies, procedures, and/or programs in the area of assignment
· 2-year degree in Information Technology, Information Security, or related field and/or equivalent training and/or experience.
· Bachelor's degree in Computer Science, MIS, Information Assurance, or a related field is preferred
· Experience working with fed RAMP, NIST 800-53, HIPAA, and/or FIPS
· Industry-standard certification (CISSP, SSCP, GSNA, or CISA) is preferred.
· Experience with NIST, ISO, and HIPAA requirements/guidance is highly desirable