Security Analyst
Listed on 2026-02-28
IT/Tech
Cybersecurity, Information Security
Hybrid 3 days onsite / 2 days remote in Rockville, MD or Tysons Corner, VA
Our client is a leading independent regulatory organization overseeing brokerage firms and registered financial professionals for compliance with federal securities laws and industry regulations. The organization protects investors, maintains fair and transparent markets, and promotes market integrity through examination, enforcement, education, and regulatory oversight. It partners with financial institutions and government stakeholders and leverages technology, data, and governance practices to enhance risk management, cybersecurity, and market confidence.
We can facilitate W2 and corp-to-corp consultants. For our W2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance.
Rate: $60.00 to $80.00/hr. W2
Responsibilities
- Develop Security Authorization Packages compliant with FISMA and FedRAMP, including System Security Plans, Contingency Plans, Configuration Management Plans, Incident Response Plans, Privacy Impact Assessments, Security Assessment Plans, and Security Assessment Reports under senior supervision.
- Review and analyze Security Authorization Packages for completeness and compliance with FISMA and FedRAMP requirements.
- Participate in client interviews to gather information for Security Authorization Packages and assessments.
- Maintain Security Authorization Packages to ensure accuracy throughout the system lifecycle.
- Review and analyze vulnerability scan results from tools such as SentinelOne, Qualys, AppDetective, WebInspect, IBM AppScan, and Burp Suite.
- Build and maintain customer-focused relationships with clients.
- Collaborate across internal teams to deliver results aligned to scope and timelines.
- Establish standards and procedures to minimize security risks.
- Drive working sessions with clients to align expectations and meet timelines.
- Lead projects through initiation to closure.
- 3 to 5 years of information security experience in FISMA and FedRAMP environments.
- Familiarity with NIST 800 series guidelines, including 800-30, 800-37, 800-53/53A, and 800-60.
- Excellent written and verbal communication with strong presentation skills to customers.
- FedRAMP experience (preferred).
- Experience with SOC 2, PCI-DSS, or Reg SCI (preferred).
- CISSP certification (or equivalent) recognized.
- CEH certification recognized.
- CAP certification recognized.
- Security+ certification recognized.
- GSEC certification recognized.
- CCNA or CCNP certification recognized.
- AWS certifications recognized.
- CASP certification recognized.
Skills, experience, and other compensable factors will be considered when determining pay rate. The pay range provided in this posting reflects a W2 hourly rate; other employment options may be available that may result in pay outside of the provided range.
W2 employees of Eliassen Group who are regularly scheduled to work 30 or more hours per week are eligible for the following benefits: medical (choice of 3 plans), dental, vision, pre-tax accounts, other voluntary benefits including life and disability insurance, 401(k) with match, and sick time if required by law in the worked-in state/locality.
Please be advised
- If anyone reaches out to you about an open position connected with Eliassen Group, please confirm that they have an email address and never provide personal or financial information to anyone who is not clearly associated with Eliassen Group. If you have any indication of fraudulent activity, please contact