Cybersecurity Analyst

Summary

Join BAO Systems, a leader in digital data solutions, as a Cybersecurity Analyst. You will be responsible for developing and implementing security policies and procedures to protect sensitive government data. This role requires expertise in FedRAMP, FISMA, and other federal regulations. You will collaborate with IT professionals, respond to security incidents, and stay current on industry best practices. A Bachelor's degree in a relevant field and 3+ years of experience as a business or security analyst are required. The position requires the ability to obtain a Moderate Risk Public Trust (MRPT).

Requirements

• 3+ years of experience working as a business or security analyst
• A Bachelor’s Degree in Information Technology, Cyber Security, Computer Science, or Engineering
• Demonstrated knowledge and expertise of the FedRamp authorization process and documentation
• Ability to work independently and manage multiple projects/assignments/responsibilities in a fast-paced environment
• Strong verbal and written communication skills
• Demonstrated problem solving and critical thinking skills
• General Information Technology and computer networking knowledge
• Ability to obtain a Moderate Risk Public Trust (MRPT)

Responsibilities

• Analyze, document, and ensure compliance with OMB Circular A-130, Federal Information Security Management Act (FISMA), and other federal laws and regulations, FIPS Standards, NIST guidance, as well as FedRamp
• Assist with FedRamp documentation and controls for platforms that will be gaining FedRamp authorization
• Assist with reporting and communication requirements such as Plan of Action and Milestones, Security Control Assessment Plan, and Security Assessment Report
• Operational support for information security tool alerts, triaging, and maintenance
• Execute on information security activities such as vulnerability management, application development security, business continuity, networking, risk management, etc
• Work with team members to assess security controls and evaluate security posture of organizational internal controls
• Evaluate third party relationships for compliance to organization security standards
• Serve as Subject Matter Expert (SME) on information security related projects and initiatives assigned
• Respond to security incidents, investigate breaches, and take appropriate action to mitigate risks and prevent future incidents
• Stay up-to-date with the latest security trends and best practices, and make recommendations for improvements to the organization's security posture
• Provide logistical and administrative support and materials for meetings and monthly working groups