Information Security FISMA Analyst

1099 short- to long-term contract at the National Institutes of Health in Bethesda, MD, with free parking

1099 rate: $70-$80 an hour

This firm is the incumbent, with a re-compete coming in the next 3-5 months. Currently there are two months remaining, with three 1-month extension options. With their strong team, they fully expect to win the re-compete, which should be a 3-5-year opportunity.

Public Trust clearance strongly desired, but the firm will get you one while you work on the contract.

$70-$80 an hour. FLEX-TIME from 7 am to 9:30 am to start. Preferred hours are 9-5:30 with a 30-minute non-billable lunch. (Teleworking opportunity may be available after certain criteria are met.)

Do you want to be part of something substantive?

Do you want to be with a firm where the owners know your name?

Do you want to be treated with respect and valued for your skills?

If you answered yes, then this is the firm for you!

This highly experienced woman-owned government contractor is looking for extraordinary technical, management, and subject matter experts to help continue to build their great company and reputation. The firm is a woman-owned Small Business professional services firm founded with the belief that they make a difference in the business of their clients and in the lives of their contractors through respect, professionalism, sense of humor and growth. They offer management consulting and information technology services across a wide spectrum of Federal Agencies. They serve the National Capital Region.

They work:

To enrich the lives of the people who come in contact with us.

To learn and adapt.

To be driven and ambitious.

To embrace individual contribution.

This growing organization seeks a critical-thinking Information Security FISMA Analyst with experience in implementing and communicating Federal Information Security Modernization Act (FISMA) compliance for the Federal government to join an experienced and stable team providing governance and oversight for the A&A program for a large Federal entity.

The Analyst is responsible for helping to build and mature the agency’s Information Security Program by focusing on the Risk Management and Security Authorization activities in accordance with the applicable National Institute of Standards and Technology (NIST) 800 series guidelines and the Federal Information Processing Standards (FIPS). He/she should have strong organization and communication skills, with the ability to regularly update Management on project/task status and risks, while also working with individual team members on details when needed. The Analyst will report to the Team Lead and perform and manage tasks related to the entire Assessment and Authorization (A&A) lifecycle.

They need a forward, critical-thinking individual with the ability to:

Contribute to strategic discussions on Program improvements and then lead the execution and tactical implementation of new initiatives

Train and assist System Owners, NIH Security Staff and other Stakeholders in understanding A&A documentation and reporting requirements

Review A&A templates and deliverables created by others to ensure completeness, accuracy and quality

Respond to customer inquiries utilizing a ticketing system to provide timely and complete responses

Ensure information systems security documentation templates (e.g., System Boundary development, System Security Plan (SSP), Contingency Plan, Contingency Plan Test, Business Impact Analysis, FIPS-199, e-Authentication, Privacy Threshold Analysis, etc.) remain up to date based on perpetually changing NIST, HHS and other guidance

Ensure other guidance and training provided by the organization remain up to date and offer suggestions for improvement

Ensure the proper management of all Plan of Action and Milestones (POA&M) across the organization

Work with team members and Management to develop reports, capabilities briefings and presentations in support of the program

Coordinate with ISSOs across the organization to ensure timely compliance with Federal and organizational policies and procedures

Produce required reporting for various management level

You must have:

A current Public Trust clearance or the ability to obtain one

BS or BA degree (relevant work experience may be substituted for degree)

CISSP, CAP, CRISC or other related certifications (relevant work experience may be substituted for certifications)

Strong customer-service attitude, ability to multi-task, organizational skills and the ability to work independently while keeping Management informed and up to date

3+ years of experience in information security, risk management, or related discipline

Detailed knowledge of NIST security standards and compliance measurements

Working experience in the application of FISMA guidelines including the NIST special publications 800-18, 800-30, 800-37, 800-39, 800-53, 800-53A, and 800-60

Ability to apply FISMA compliance to the real world to assist clients with overcoming implementation challenges

Strong critical thinking with ability to find multiple solutions for a single problem

High aptitude for learning (self-study and as a part of a team)

A full job description will be provided at time of interview.

Flex-time: Start as early as 7 am (40-hour work week with a 30-minute non-billable lunch), M-F (teleworking opportunity may be available after certain criteria are met); 1099 hourly rate: $70-$80