Cybersecurity Analyst

Location of job

Remote (US/DC metro area)

Supervisor

CTO team member - TBD

About BAO Systems

BAO Systems is an industry leader in digital data solutions for health and development. We empower our partners to implement scalable and sustainable solutions that uncover data-driven insights to improve livelihoods, strengthen health systems, and achieve equitable human development.

Our team comprises passionate public health and development practitioners, information system experts, software engineers, system engineers, monitoring and evaluation advisors, and data scientists. We excel in providing a broad spectrum of services and products. For more information, please visit www.baosystems.com

Purpose of the role

We are seeking a talented and experienced cybersecurity analyst to join our team. The successful candidate will be responsible for developing, documenting, and implementing security policies, procedures, and controls to ensure the confidentiality, integrity, and availability of a large U.S. government organization's data and systems. They will also work closely with other IT professionals to monitor network activity, identify potential threats and vulnerabilities, and respond to security incidents as needed.

This position requires the ability to obtain a Moderate Risk Public Trust (MRPT).

Core job responsibilities

• Analyze, document, and ensure compliance with OMB Circular A-130, Federal Information Security Management Act (FISMA), and other federal laws and regulations, FIPS Standards, NIST guidance, as well as FedRamp.
• Assist with FedRamp documentation and controls for platforms that will be gaining FedRamp authorization.
• Assist with reporting and communication requirements such as Plan of Action and Milestones, Security Control Assessment Plan, and Security Assessment Report.
• Operational support for information security tool alerts, triaging, and maintenance
• Execute on information security activities such as vulnerability management, application development security, business continuity, networking, risk management, etc.
• Work with team members to assess security controls and evaluate security posture of organizational internal controls
• Evaluate third party relationships for compliance to organization security standards
• Serve as Subject Matter Expert (SME) on information security related projects and initiatives assigned
• Respond to security incidents, investigate breaches, and take appropriate action to mitigate risks and prevent future incidents.
• Stay up-to-date with the latest security trends and best practices, and make recommendations for improvements to the organization's security posture.
• Provide logistical and administrative support and materials for meetings and monthly working groups.

Required skills/experience

• 3+ years of experience working as a business or security analyst
• A Bachelor’s Degree in Information Technology, Cyber Security, Computer Science, or Engineering
• Demonstrated knowledge and expertise of the FedRamp authorization process and documentation
• Ability to work independently and manage multiple projects/assignments/responsibilities in a fast-paced environment
• Strong verbal and written communication skills
• Demonstrated problem solving and critical thinking skills
• General Information Technology and computer networking knowledge

Classification

Full-Time

BAO Systems provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.