Position Description Our client seeks a motivated security professional to support our client's projects at the National Cancer Institute. The Cloud Security Analyst is responsible for creating and documenting mitigation recommendations. The position is ideal for a talented Cloud Security Analyst who is interested in working in an exciting, growth environment among people passionate about advanced technologies in fight against the cancer. Responsibilities Prepare, validate, and maintain security documentation such as system security plan, risk assessment, contingency plan, Privacy Impact Assessment (PIA), eAuthentication assessment, and FIPS 199 categorization Practical understanding and application of the NIST Risk Management Framework and FedRAMP requirements Work with system owners and technical leads to develop and maintain security documentation required for Authority to Operate (ATO) approval. Manage POA&Ms through remediation as well as develop corrective action plans for each POA&M Ensure compliance with security policies, standards, and procedures Monitor information systems and environments of operations, including developing and updating security plans, managing and controlling changes to information systems, and assessing security impact Coordinate security-related activities with the Information System Security Officers (ISSO), Information System Owners, and common control providers Coordinate vulnerability scanning activities and analysis results Required Qualifications Excited about working with cutting-edge environment scientific environment A minimum of six (6) years of demonstrated responsible job related experience. Experience must include functioning as an analyst or equivalent for compliance auditing, information security, information systems, or related. Able to develop technical documentation and non-technical presentations Demonstrate working knowledge of standards and guidelines for Information Security published by the National Institute of Standards and Technology (NIST) Must have a current International Information Systems Security Certification Consortium (ISC2), Information Systems Audit and Control Association (ISACA), or Global Information Assurance Certification (GIAC) certification or obtain professional certification within six (6) months of hire Working knowledge and expertise required for administering the information security aspects of information systems in compliance with regulations and directives of FISMA, the Office of Management and Budget (OMB), and the Health Insurance Portability and Accountability Act (HIPAA) Preferred Qualifications Regulatory compliance experience related to cloud security Experience with regulatory compliance related to cloud security Master degree Benefits Summary Competitive base salary plus bonus Paid time off Ten paid holidays Medical Insurance Health Savings Account Retirement benefits with employer contributions Dependent Care Flexible Spending Account Life Insurance, Short and Long Term disability