Information Security Compliance Analyst (A&A, OT/ICS) - Hybrid
Description:
Macro Pros (Alluvial Concepts) is seeking an Information Security Compliance Analyst with strong Assessment & Authorization (A&A) experience and deep knowledge of NIST SP 800-53 Rev. 5. This is a long-term contract with the potential to convert to full-time with one of the top government integrators in the industry.
This is a hybrid role (2 days onsite in Bethesda, MD - flexible on days, 3 days remote).
Requirements:
Must currently live in the Washington, DC metro area
U.S. Citizen
Ability to pass a standard background check and obtain a Public Trust clearance
What You'll Do:
Analyze, review, monitor, and reassess the adequacy of information security controls across the organization
Execute technical risk assessments using NIST SP 800-53 Rev. 5 across various systems, technologies, and environments
Perform security audits, internal assessments, risk assessments, and support independent external audits
Develop clear and effective methods for reporting assessment results to executive leadership
Advise on and help establish sound information security processes and controls aligned with federal policies and SOPs
Work closely with implementation teams to ensure solutions meet security requirements throughout the system lifecycle
Verify that implemented controls are operating as designed
Liaise with client A&A teams to support ATO efforts for new and existing systems
Organize and conduct control assessments to validate ATO and audit readiness
Partner with project managers, technical leads, and client stakeholders to assess, report, and remediate control gaps
Qualifications:
6+ years supporting federal government systems and conducting A&As for ATOs
Strong experience evaluating system security posture and providing risk-based findings and recommendations
Demonstrated expertise with:
NIST SP 800-53 Rev. 5, 800-37, 800-82 Rev. 3
FIPS 199 & 200
FISMA, CNSS, FISCAM, GAO Green Book
Experience helping system owners and stakeholders understand and implement federal security requirements
Proven ability to assess control design and operational effectiveness
OT / ICS experience preferred
Client Requirements:
Bachelor's degree in Computer Science, Information Systems, Engineering, Business, or a related field
CISA certification
#Dice