Senior Information Security Analyst
Philadelphia, Pennsylvania, United States
Applications have closed
SoluStaff
Unlock the full potential of your organization with Symmetrio, a top Staffing and Recruiting company in the Philadelphia region.SoluStaff is actively recruiting a Senior Information Security Analyst for our customer, a large government organization in Philadelphia, PA. The Senior Information Information Security Analyst will review our client's existing IT policies and procedures applicable to NIST control families, identify gaps and updates needed to meet NIST 800-53 controls, and make written proposals for changes to our customer's information security organization. The Senior Information Security Analyst will also write procedures for NIST control families such as Access Control, Audit and Accountability, and Contingency Planning. They will validate the usability and accuracy of the written procedures with the customer project manager. The candidate will write process workflows for the identified procedures, which will show the step-by-step process documented in a diagram/illustration.
Responsibilities
- Review the existing IT policies and procedures applicable to NIST control families and identify gaps and updates needed to meet NIST 800-53 controls.
- Write proposals for changes to the security team lead, explaining the rationale for the change and providing recommended text changes that can easily be incorporated into the policy.
- Write procedures for NIST control families such as Access Control, Audit and Accountability, and Contingency Planning.
- Validate the usability and accuracy of the written procedures with the project manager.
- Write process workflows for the identified procedures, which will show the step-by-step process documented in a diagram/illustration.
- Communicate via secure video conference calls, emails, and SharePoint (or similar secure document sharing platform) with core operations teams, compliance manager, and security team leadership to prepare drafts and complete final documents.
- Consider how to limit the number conversations with core operations staff to maximize information gathering and validation in a limited number of meetings or calls.
- Leverage the Information Security Team and vCISO and IT Compliance Manager for additional communications.
- Write recommendations for updates to existing IT policies and the exact text for changes to be incorporated into the policies.
Requirements
- Demonstrated experience writing IT policies and procedures based on NIST 800-53 and Cyber Security Framework.
- Demonstrated experience auditing NIST 800-53 controls to cybersecurity and participating in IT compliance programs.
- CISA or CompTIA Security+ certifications are preferred but not required.
- Excellent written and verbal communication skills.
- Ability to work independently and collaboratively with teams.
- Strong analytical and problem-solving skills.
- Attention to detail and ability to prioritize tasks.
- Experience working with government or public sector organizations is a plus.
Benefits
- Health Care Plan (Medical, Dental & Vision)
- Retirement Plan (401k, IRA)
- Paid Time Off (Vacation, Sick & Public Holidays)
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits CISA Compliance CompTIA NIST NIST 800-53 SharePoint
Perks/benefits: 401(k) matching Health care
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open IPS-related jobs