Zachary Piper Solutions is seeking a Security Analyst/Documentation SME with a focus on Authority to Operate (ATO) processes and documentation development, including Security System Plans (SSPs) to support the CDM Program. The Security Analyst/ ATO & Documentation SME will focus on adhering to NIST guidelines (800-37, 800-53), selecting and applying controls, and managing documentation throughout the ATO accreditation process.
Key Responsibilities:
Qualifications:
Desired skills:
Compensation:
Salary: $130,000- $151,000/ year
Clearance requirement: ability to obtain a Public Trust (ability to hold a higher-level security clearance for the right candidate)
Location: 100% remote, required core hours 10am-3pm EST
Benefits: health, dental, vision, 401K, etc
Key words: Security Analyst, Documentation SME, document, documents, documented, documenting, SME, Security SME, assesses, assessed, assessor, assessment, assess, assess security risks, analyze, analyzed, analyzing, analyzation, analyzes, analyze security data, develop, developed, develops, developing, development, implement, implements, implemented, implementing, implementation, implement, security strategies, protected, protects, protecting, protection, protect, technology infrastructure and data, supports, supporting, supported, attain, attaining, attained, maintain, maintaining, maintains, maintained, maintaining, authority to operate, ATO, documentation, analysis, policy compliance, execution, execute, executes, executing, executed, system security activities, understand, understands, understood, understanding, network protocols, operating systems, cybersecurity best practices, guard guarded, guards, guarding, cyber threats, assists, assisted, assisting, assistance, Assist, production-systems data management, analyzing performance, identifying problems, identify, identification, identified, identifies, developing, recommendations, recommend, recommended, recommending, cybersecurity initiatives, Collaborate, collaborated, collaborates, collaborating, collaboration, collects, collected, collecting, collect, analyze, present, presented, presents, presentation, recommendations, security posture, risks, mitigations, evaluates, evaluated, evaluating, evaluation, Evaluate, system functions, writing security control language, standard operating procedures, SOPs, SOP, Assess, system vulnerabilities, security scans, provide, provided, providing, provides, provided, courses of action recommendations, remediation support, system security awareness, monitoring, alerting, security documents, compliance, track, POA&Ms, creation to completion, Create, maintain, dashboards, inform, cyber risk posture, US citizenship, Public Trust Suitability, Bachelor’s degree, Federal cyber security domain, governance and risk management, business continuity and disaster recovery, encryption, software development security, access control, network security, secure architecture, security operations, implementing, implements, implemented, implementation, NIST RMF, writing security control responses, delivering Federal cybersecurity reporting, compliance requirements, evaluating system security posture, application level to underlying infrastructure, systems deployed in cloud hosting environments, security concepts, governing policy, compliance, communication, communicated, communicates, communicate, execute security scans, Nessus, Burpsuite, evaluate code, evaluate logic, evaluate data flows, COTS, commercial off the shelf, AWS, AWS framework, Cloud-based security requirements, code repositories, Git, GitHub, cybersecurity certifications, CISSP, CISM, Security+, accreditation SME, ATO analyst, NIST 800-37, NIST 800-53