RIT Solutions, Inc.
KEY RESPONSIBILITIES:
• ssess security controls based on NIST 800-53 standards.
• Conduct interviews, reviews, and testing to verify compliance.
• Proficient in developing and maintaining comprehensive security documentation, including:
o System Security Plans (SSPs),
o Security Assessment Report (SARs),
o Security Assessment Workbook (SAW) and
o Plan of Action & Milestones (POA&Ms)
• Support risk assessments and vulnerability analyses.
• Conduct system security control assessments for federal information systems, applications, and cloud environments
• Perform risk assessments and recommend actionable mitigation strategies to stakeholders.
• Create and update security documentation, including policies, procedures, and test plans.
• Collaborate with system owners, ISSOs, and IT teams to implement and document security requirements.
• Communicate findings, risks, and mitigation efforts to technical and non-technical stakeholders.
REQUIRED KNOWLEDGE & SKILLS: • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience). • 3-5+ years of experience in security compliance, risk management, or related fields, with strong knowledge on NIST SP 800-53, CMS MARS-E 2.2, FedRAMP, HIPAA, PCI, State RAMP, SOC 2 Type II, and other relevant industry and government cyber security compliance standards and frameworks • bility to manage multiple tasks effectively while working independently and collaboratively.
ABILITIES: • bility to conduct independent security control assessments for federal systems and cloud environments. • Skilled in performing detailed risk assessments and providing actionable mitigation strategies. • Strong written and verbal communication skills, capable of collaborating effectively with stakeholders, including system owners, ISSOs, and IT teams. • Demonstrated ability to manage multiple tasks effectively, both independently and in a team environment. • Strong problem-solving and analytical abilities to address complex security challenges.
FOLLOWING INDUSTRY STANDARD CERTIFICATIONS ARE PREFERRED BUT NOT REQUIRED: • Certified Information Systems Security Professional (CISSP) • Certified Information Security Manager (CISM) • Certified Information Systems Auditor (CISA) • Certified Cloud Security Professional (CCSP)
REQUIRED KNOWLEDGE & SKILLS: • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience). • 3-5+ years of experience in security compliance, risk management, or related fields, with strong knowledge on NIST SP 800-53, CMS MARS-E 2.2, FedRAMP, HIPAA, PCI, State RAMP, SOC 2 Type II, and other relevant industry and government cyber security compliance standards and frameworks • bility to manage multiple tasks effectively while working independently and collaboratively.
ABILITIES: • bility to conduct independent security control assessments for federal systems and cloud environments. • Skilled in performing detailed risk assessments and providing actionable mitigation strategies. • Strong written and verbal communication skills, capable of collaborating effectively with stakeholders, including system owners, ISSOs, and IT teams. • Demonstrated ability to manage multiple tasks effectively, both independently and in a team environment. • Strong problem-solving and analytical abilities to address complex security challenges.
FOLLOWING INDUSTRY STANDARD CERTIFICATIONS ARE PREFERRED BUT NOT REQUIRED: • Certified Information Systems Security Professional (CISSP) • Certified Information Security Manager (CISM) • Certified Information Systems Auditor (CISA) • Certified Cloud Security Professional (CCSP)