Security Analyst C&A

Indus Corporation

Washington, DC

Job Description

C&A Analyst job description: (3 positions)

The C&A Analyst will work as part of a Team to obtain system information and documentation and complete C&A documentation, track and close action items, conduct annual security testing, and assist with FISMA reporting.

Responsibilities:

Gather data and documentation in support of certification and accreditation activities

Evaluate information and generate interview questions.

Participate in interviews and demonstrations to gather system information and obtain an understanding of system functionality and data types

Prepare Meeting minutes

Complete Security Plan following Team procedures and template

Complete Risk Assessment following Team procedures and template

Complete Security test plan and security testing following Team procedures and template

Create Plan of Actions and Milestones (POA&Ms) and prepare for entry in FISMA reporting tool

Track and evaluate completion of POA&Ms

Support FISMA reporting

Qualifications:

Required

Bachelors Degree in Computer Systems, or equivalent experience

Three years of recent experience in writing C&A documentation according to NIST standards for a Federal civilian agency

Good interpersonal skills to work with external customers, management, and internal team members

Good verbal and written communication skills.

In depth knowledge of security concepts per NIST 800-53

Three years experience developing security plans and risk assessments using standard templates

Two years experience developing security test plans per NIST 800-53A

Two years experience conducting security tests for major applications per NIST 800-53A

One year experience conducting security tests for general support systems per NIST 800-53A

Desired

Experience with producing FISMA Reports using CSAM

Experience conducting and documenting Disaster Recovery and/or contingency plan tests.