Senior Security Analyst
Join us at Sparksoft, where we're not just another tech company—we're a catalyst for change. Our mission isn't just to offer IT solutions; it's to revolutionize the way you work. Here, passion isn't just a buzzword; it's the fuel behind groundbreaking ideas and transformative technologies. We serve a wide range of government clients, delivering impact that's felt across the nation.
Our true strength lies in our people. They're the problem-solvers and innovators consistently delivering extraordinary outcomes. With Sparksoft, you're not stepping into a routine job; you're joining a team committed to innovation and excellence. Our innovation extends beyond just delivering projects. Through our specialized Innovation Centers, we continuously refine our methods, ensuring we remain industry leaders.
We are Sparksoft!
ROLE & RESPONSIBILITIES:
• Create/Update all client security deliverables (SSP, CP, ISRA, SIA, POA&M, etc.)
• Work with team members to ensure security functions are implemented for the program(s) that are under their care.
• Act as a trusted advisor for security matters for their programs and provide training on security items when needed.
• Act as a bridge between client security teams and project teams to close the gap between compliance and technical security issues on both teams.
• Ensure proper security testing occurs and manages the vulnerability process in the scope of the program.
• Translate technical security findings (pen tests, CSRAP, Fortify, SonarQube, SNYK, Tenable, etc.) to practical issues, and guide teams to appropriate preventative and corrective action.
• Review program procedures and outputs and implement corrective action when needed.
• Act as a liaison for the program to client security teams.
• Support corporate security as needed.
REQUIRED EXPERIENCE:
• Experience in multiple aspects of FISMA, 5+ years
• Experience working in CMS/HHS environments, 5+ years
• Experience in an agile CI/CD development environment with a focusing on the testing and assessment functions (technical assessment and understanding (dev/sec/ops)
• Ability to participate in proposal development and ancillary activities (e.g., Oral Prep)
• Experience in Agile development and operations support, in respect to FISMA SP 800-53 guidelines
• Excellent writing and communication skills
• Experience in understanding and accurately interpreting security reports
• Experience in managing an audit for a program (CSRAP/ACT, A-123, IRS 1075, etc.)
• Experience with cloud-based systems (e.g., AWS, Salesforce)
• Experience in creating and maintaining the deliverables for an Authority to Operate (ATO)
• Experience in performing application-level testing (CP functional and tabletop testing required).
• Experience in performing risk and security assessments (RA & SA).
• Experience running meetings and holding team members to deadlines.
• Travel to Columbia, MD for meetings as required
PREFERRED EXPERIENCE:
• 10 years with privacy (PII) and data (ePHI/PHI) protection
• Project management, customer-facing reporting and etiquette
• Dynamic and Static code testing and analysis
EDUCATION & CERTIFICATIONS:
• 8+ years of experience in the required skill set (note CISSP requires 5 years in the required skill sets.)
• CISSP required (note that CASP, CISM, and GSEC do not qualify).
• Bachelor’s Degree
If you need accommodation seeking employment with Sparksoft Corporation, please email Sparksoft.Accommodations@sparksoftcorp.com or call 410-424-7700. Accommodations are made on a case-by-case basis.
At Sparksoft Corporation, we take security and protection of personal information very seriously. We will never ask you to send private personal information over email. Accordingly, we ask you to immediately contact our security team via email at abuse@sparksoftcorp.com upon receiving a suspicious request.
Create a Job Alert
Interested in building your career at Sparksoft Corporation? Get future opportunities sent straight to your email.
Apply for this job
*
indicates a required field