SOS International LLC
Information Security Analyst (SME)
SOS International LLC, Washington, District of Columbia, us, 20022
Overview
SOSi is seeking a highly qualified Information Security Analyst (SME) to support the U.S. Courts under the Information Security & Validation Staff (ISVS) Governance, Risk, and Compliance (GRC) program. This role delivers expert-level support for governance, risk management, and compliance across the judiciarys IT systems lifecycle. Essential Job Duties
Serve as a subject matter expert (SME) on federal GRC frameworks, particularly the Risk Management Framework (RMF), NIST 800-53 Rev 5, and Judiciary Information Security Framework (JISF). Lead and perform activities across all RMF phases: Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor. Develop, review, and update System Security Plans (SSPs), POA&Ms, Risk Assessments, Privacy Impact Assessments, and Continuous Monitoring Strategies using tools like CSAM. Manage Nessus scanning (agent and non-agent based), vulnerability assessments, and remediation tracking. Conduct asset inventory, stakeholder engagement, information lifecycle mapping, and risk categorization. Ensure compliance documentation and authorization packages are complete, accurate, and aligned with agency standards. Collaborate with federal stakeholders to ensure governance, risk management, and compliance activities are integrated and operationalized. Support audit response, corrective action plans, and continuous improvement of ISVS processes. Minimum Requirements
7-10 years of relevant experience in federal information security and GRC. Expert knowledge of NIST RMF, FISMA, FedRAMP, and continuous monitoring practices. Hands-on experience with CSAM, Nessus, and vulnerability management in a federal environment. Proven ability to develop SSPs, POA&Ms, Risk Assessments, and system categorization artifacts. Preferred Qualifications
Relevant certifications (e.g., CISSP, CISM, CAP, CRISC) strongly preferred. Experience supporting federal judiciary or DOJ environments is a plus. Work Environment
Normal office conditions with potential to perform duties in deployed locations. Core hours of operation are Monday through Friday, 0600 1700. May be requested to work evenings and weekends to meet program and contract needs.
Working at SOSi
All interested individuals will receive consideration and will not be discriminated against for any reason. #J-18808-Ljbffr
SOSi is seeking a highly qualified Information Security Analyst (SME) to support the U.S. Courts under the Information Security & Validation Staff (ISVS) Governance, Risk, and Compliance (GRC) program. This role delivers expert-level support for governance, risk management, and compliance across the judiciarys IT systems lifecycle. Essential Job Duties
Serve as a subject matter expert (SME) on federal GRC frameworks, particularly the Risk Management Framework (RMF), NIST 800-53 Rev 5, and Judiciary Information Security Framework (JISF). Lead and perform activities across all RMF phases: Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor. Develop, review, and update System Security Plans (SSPs), POA&Ms, Risk Assessments, Privacy Impact Assessments, and Continuous Monitoring Strategies using tools like CSAM. Manage Nessus scanning (agent and non-agent based), vulnerability assessments, and remediation tracking. Conduct asset inventory, stakeholder engagement, information lifecycle mapping, and risk categorization. Ensure compliance documentation and authorization packages are complete, accurate, and aligned with agency standards. Collaborate with federal stakeholders to ensure governance, risk management, and compliance activities are integrated and operationalized. Support audit response, corrective action plans, and continuous improvement of ISVS processes. Minimum Requirements
7-10 years of relevant experience in federal information security and GRC. Expert knowledge of NIST RMF, FISMA, FedRAMP, and continuous monitoring practices. Hands-on experience with CSAM, Nessus, and vulnerability management in a federal environment. Proven ability to develop SSPs, POA&Ms, Risk Assessments, and system categorization artifacts. Preferred Qualifications
Relevant certifications (e.g., CISSP, CISM, CAP, CRISC) strongly preferred. Experience supporting federal judiciary or DOJ environments is a plus. Work Environment
Normal office conditions with potential to perform duties in deployed locations. Core hours of operation are Monday through Friday, 0600 1700. May be requested to work evenings and weekends to meet program and contract needs.
Working at SOSi
All interested individuals will receive consideration and will not be discriminated against for any reason. #J-18808-Ljbffr