We are Seeking a Cybersecurity Risk Analyst to support cloud hosted (XaaS) solutions at the United States Postal Service. The candidate will have expertise in Risk Management, System Certification & Accreditation (C&A) processes; Information Assurance (IA) processes; achieving system ATOs, and continuous monitoring, all in support of IaaS, PaaS, and SaaS implementations. The successful candidate will experience an unparalleled large-scale enterprise environment with over 800 Information Technology systems, processing billions of dollars in annual revenue and supporting a diverse user base spread across the entire US.
- The candidate will support the mission of the Cybersecurity Risk Management by organizing and preparing for senior level meetings, provide direction to team on activities of the week, support team members in preparing timely deliverable and tracking action items.
- The candidate will lead cyber risk management planning including reporting and tracking.
- The candidate will define clear tasks, communicate topics to leadership through concise and succinct presentations, and organize meeting preparation materials.
- The candidate will drive the review and certification of information technology systems following the USPS CISO policies and procedures (modeled based on NIST RMF).
- The candidate will manage action items, work to resolve issues, and identify and document system risks and vulnerabilities.
- Providing input to and develop, write, edit and submit documentation in support of the project deliverables.
- Work closely with the system teams and program/project managers as well as interfacing with CISO and CIO stakeholders as needed.
- Lead the development of risk management by creating plans, procedures, protocols, and evaluation measures and ensuring there are desired levels of enterprise-wide IA/IS.
Required Skills and Experience
- Bachelor's degree in Information Technology or a relevant Cybersecurity field, and 5+ years of overall experience.
- 3+ years of experience working as a Risk, Information Assurance, or Information Systems Security Analyst.
- Strong knowledge of the NIST Risk Management Framework (RMF) and security controls is required.
- The candidate must have experience with identifying and assessing risks within Cloud environments, including the unique risks associated with SaaS, PaaS, and IaaS implementations.
- Candidate should have experience with Microsoft's Azure IaaS and PaaS offerings, as well as O365 SaaS.
- This candidate must understand the risk management process, risk mitigation, and risk tracking.
- Hands on experience creating ATO packages, and continuous monitoring compliance in a large-scale enterprise environment is required.
- Experience working with leading edge technologies and innovative risk compliance and mitigation processes (automated monitoring, automated ATOs, etc.).
- Must have strong communication skills, both oral and written, with excellent interpersonal, team and organization skills.
- Must have strong knowledge of MS Office products to include PowerPoint, Word, Excel, and Outlook.
- A self-starter with proven abilities to collaborate and gather information from multiple teams.
- Certification in one or more of; Systems Security Certified Practitioner (SSCP), CompTIA Security+, CPTE - Certified Penetration Testing Engineer, CEH - Certified Ethical Hacker, or Certified Information System Security Professional (CISSP)
- Demonstrable experience with Security Operation tools inclusive of products from SPLUNK, FireEye, Looking Glass, Intel, Endgame, StealthWatch, RSA, and Tanium
Required Clearance
Candidates must be able to obtain a Postal Sensitive Clearance (US Citizenship or Green Card required). Additionally, candidates must not have traveled outside of the USA for a combined period not to exceed 6 months within the last 5 years.
Please apply online: https://niksoft.applicantpro.com/jobs/1429492.html
EOE M/F/Disability/Vet
Login 
