Information Assurance Compliance Analyst

NikSoft is currently conducting a search for an Information Assurance Compliance Analyst to support the Cyber Security program (Risk Management Office) at the United States Postal Service. The candidate will have expertise in system certification & accreditation (C&A) processes; information assurance (IA) processes; achieving system ATOs, and continuous monitoring. The successful candidate will experience an unparalleled large-scale enterprise environment with over 800 Information Technology systems, processing billions of dollars in annual revenue and supporting a diverse user base spread across the entire US. Join the NikSoft team to scale your career to the next level.

• This resource will be working with the Certification & Accreditation team to oversee, evaluate, and support documentation, validation and accreditation processes necessary to assure that new information technology (IT) systems meet the organization's information assurance (IA) and security requirements.
• Work with each IT Application Owner to identify IPv6 requirements.
• Assist in applying the new IPv6 requirements to each application in the environment.
• Once applications are moved to IPv6, ensure proper documentation is in A&A packages.
• Work with CISO Engineering to ensure the application information is captured in the appropriate asset database.
• The candidate will manage action items, work to resolve issues, and identify and document system risks and vulnerabilities.
• Support the development of risk management by creating plans, procedures, protocols, and evaluation measures and ensuring there are desired levels of enterprise-wide IA/IS.
• Oversee the presence and adequacy of security measures proposed or provided in response to requirements contained in acquisition documents.

• Bachelor's degree in Information Technology or a relevant Cybersecurity field, and 5+ years of overall experience.
• 2+ years of experience working as an Information Assurance analyst.
• Knowledge of networking, topology, infrastructure specifically with IPv6 security requirements.
• Adequate IPv6 knowledge to support identification/development of security requirements for each application.
• Strong knowledge of the NIST Risk Management Framework (RMF) and security controls is required.
• Hands on experience creating ATO packages, and continuous monitoring compliance in a large-scale enterprise environment is required.
• Working experience with a GRC tool (preferably RSAM)
• Must have strong communication skills, both oral and written, with excellent interpersonal, team and organization skills.
• Must have strong knowledge of MS Office products to include PowerPoint, Word, Excel, and Outlook.
• A self-starter with proven abilities to collaborate and gather information from multiple teams.
• Certification in one or more of; Systems Security Certified Practitioner (SSCP), CompTIA Security+, CPTE - Certified Penetration Testing Engineer, CEH - Certified Ethical Hacker, or Certified Information System Security Professional (CISSP)
• Demonstrable experience with Security Operation tools inclusive of products from SPLUNK, FireEye, Looking Glass, Intel, Endgame, StealthWatch, RSA, and Tanium