Cyber GRC Analyst - Senior

Washington, District Of Columbia
Apr 13, 2021
May 18, 2021
Full Time

The Cyber GRC Analyst - Senior will be responsible for supporting vendor and assigned ISSM efforts to develop RMF packages and providing relevant cybersecurity expertise. The Cyber GRC Analyst - Senior will develop systems RMF supporting documentation in accordance with agency policies and procedures ensuring that Assessment & Authorization (A&A) packages are complete, and systems compliance is met for the Authorizing Official (AO).

  • Support and coordinate workflow, activity, and documentation necessary to achieve successful RMF Assessment & Authorization (A&A) efforts for various environments, including the following:
  • Coordination among many different stakeholders, including Security Engineers, Network Administrators, System Administrators, Information Assurance Managers (IAMs)/Information System Security Managers (ISSMs and representatives), program managers, and vendors which is necessary to properly identify, document, mitigate, and manage risks attributed to the target system, network, and/or application
  • Identify and develop directly or in coordination with applicable experts and incorporate common artifacts found in an RMF A&A package, i.e.: system architecture and authorization boundaries, hardware and software inventories, risk assessment reports, POA&Ms, data flows, and other necessary system documentation
  • Other duties as assigned

  • Bachelor's degree and 5+ years of experience OR
  • Master's degree and 3+ years of experience OR
  • PhD and 0+ years of experience
  • 5+ years of experience in writing and editing documents
  • Background check required

Knowledge, Skills and Abilities
  • Ability to obtain a public trust clearance
  • Ability to facilitate IT business process discussions with customers, create Visio workflows, identify process bottlenecks, and potential improvements.
  • ITIL Foundations v3 or v4 preferred.
  • 1-2 years' experience with FISMA/OIG (NIST 800-53 based controls) security audit requests, including request/response management, quality checks of audit evidence, and storing of evidence for year-over-year reuse is desired.
  • Ability to work independently and yet be effective within a team setting.
  • Ability to manage multiple efforts with time related constraints in a fast-paced contracting environment.
  • Ability to effectively communicate and collaborate with diverse internal and external stakeholder groups and individuals.
  • Friendly presence, helpful attitude, good interpersonal skills, and ability to work well with others.
  • Excellent skills in Microsoft Word, Excel, and other Office applications.
  • Experience working in a home office setting.
  • Ability to train end users on frequently asked technical issues.
  • Ability to provide technical assistance and support over the phone with good phone skills and a professional demeanor.
  • Previous customer service experience strongly desired.
  • Good problem-solving skills with the ability to visualize a problem or situation and think abstractly to solve it.


Similar jobs