Hands on GRC Specialist
Motion Recruitment Partners
Hands on GRC Specialist
This role functions as a "hands-on" mid-level security analyst responsible for collaborating with security engineering, operations, architecture, and build teams. The analyst will assist in developing and maintaining various System Security Plans (SSP) and related documentation across multiple environments. Responsibilities include gathering information on the implementation of security controls, documenting these implementations in the SSP, and updating related security documentation as needed.
The company is located in Herndon, VA and will remain 100% remote but the candidate must be local to the D.C. Area.
What You Will Be Doing: Gather information and architecture diagrams and implement security controls by collaborating with security engineering, operations, and build teams. Develop security documentation, including System Security Plans (SSP), security plans, procedures, and processes. Maintain and regularly review and update all security documentation. Understand the intent of IRS and FedRAMP security controls and FISMA security controls and communicate these as needed. Assist with FedRAMP, FISMA, PCI, ISO, SOC, and other authorizations, including preparing the operations team through training and mock interviews, updating documentation as required, and supporting requests from FedRAMP PMO, agency, or CISO. Required Skills & Experience: Bachelor’s Degree in Computer Science, MIS, Information Technology, or equivalent experience in Information Security, Information Technology, or a related technical discipline. Minimum of 7 years of experience in Information Technology. Experience with cloud technologies, especially AWS, Azure, and/or Google Cloud, is desirable. Experience with FedRAMP or other authorization processes and the NIST risk management framework. Experience in developing, evaluating, and implementing information security architectures, technologies, standards, and practices to secure applications and IT systems is desirable. Experience in developing security documentation such as SSPs, policies, and procedures. Flexible, self-motivated, and able to work independently in a fast-paced environment. Excellent communication skills with a proven ability to work effectively with all levels of IT and business management. Familiarity with testing, development, staging, and pre-production environments requiring cybersecurity support. Knowledge of the Privacy Act, GDPR, and other data privacy frameworks. Experience in writing or executing system security documentation, authorization to operate packages, POA&Ms, and policies. Experience in reviewing, editing, and writing technical documents. Skilled in preparing and delivering written and oral presentations of a complex technical nature. Demonstrated ability to coordinate multiple tasks. Desired Skills & Experience: Professional industry certifications in area of expertise. Knowledge of best practices and security guidelines (e.g., NIST 800-53 rev 4, NIST 800-53, FedRAMP). Knowledge of security frameworks including RMF, ISO, HIPAA, FedRAMP, and HIPAA. ISC CISSP, ISACA CISM, or equivalent certification.
Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.
This position doesn’t provide sponsorship.
This role functions as a "hands-on" mid-level security analyst responsible for collaborating with security engineering, operations, architecture, and build teams. The analyst will assist in developing and maintaining various System Security Plans (SSP) and related documentation across multiple environments. Responsibilities include gathering information on the implementation of security controls, documenting these implementations in the SSP, and updating related security documentation as needed.
The company is located in Herndon, VA and will remain 100% remote but the candidate must be local to the D.C. Area.
What You Will Be Doing: Gather information and architecture diagrams and implement security controls by collaborating with security engineering, operations, and build teams. Develop security documentation, including System Security Plans (SSP), security plans, procedures, and processes. Maintain and regularly review and update all security documentation. Understand the intent of IRS and FedRAMP security controls and FISMA security controls and communicate these as needed. Assist with FedRAMP, FISMA, PCI, ISO, SOC, and other authorizations, including preparing the operations team through training and mock interviews, updating documentation as required, and supporting requests from FedRAMP PMO, agency, or CISO. Required Skills & Experience: Bachelor’s Degree in Computer Science, MIS, Information Technology, or equivalent experience in Information Security, Information Technology, or a related technical discipline. Minimum of 7 years of experience in Information Technology. Experience with cloud technologies, especially AWS, Azure, and/or Google Cloud, is desirable. Experience with FedRAMP or other authorization processes and the NIST risk management framework. Experience in developing, evaluating, and implementing information security architectures, technologies, standards, and practices to secure applications and IT systems is desirable. Experience in developing security documentation such as SSPs, policies, and procedures. Flexible, self-motivated, and able to work independently in a fast-paced environment. Excellent communication skills with a proven ability to work effectively with all levels of IT and business management. Familiarity with testing, development, staging, and pre-production environments requiring cybersecurity support. Knowledge of the Privacy Act, GDPR, and other data privacy frameworks. Experience in writing or executing system security documentation, authorization to operate packages, POA&Ms, and policies. Experience in reviewing, editing, and writing technical documents. Skilled in preparing and delivering written and oral presentations of a complex technical nature. Demonstrated ability to coordinate multiple tasks. Desired Skills & Experience: Professional industry certifications in area of expertise. Knowledge of best practices and security guidelines (e.g., NIST 800-53 rev 4, NIST 800-53, FedRAMP). Knowledge of security frameworks including RMF, ISO, HIPAA, FedRAMP, and HIPAA. ISC CISSP, ISACA CISM, or equivalent certification.
Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.
This position doesn’t provide sponsorship.
You will receive the following benefits:
Medical Insurance - Four medical plans to choose from for you and your family Dental & Orthodontia Benefits Vision Benefits Health Savings Account (HSA) Health and Dependent Care Flexible Spending Accounts Voluntary Life Insurance, Long-Term & Short-Term Disability Insurance Hospital Indemnity Insurance 401(k) including match with pre and post-tax options Paid Sick Time Leave Legal and Identity Protection Plans Pre-tax Commuter Benefit 529 College Saver PlanMotion Recruitment Partners is an Equal Opportunity Employer, including Veterans/Disability/Women. All applicants must be currently authorized to work on a full-time basis in the country for which they are applying, and no sponsorship is currently available. Accommodation will be provided in all parts of the hiring process as required under Motion Recruitment Employment Accommodation policy. Applicants need to make their needs known in advance.
Confirm your E-mail: Send Email
All Jobs from Motion Recruitment Partners