Overview
Senior Information Security Analyst Jobs in Indianapolis, Indiana, USA at Knowledge Services
Title: Senior Information Security Analyst
Company: Knowledge Services
Location: Indianapolis, Indiana, USA
Type: Full Time
Category: IT/Tech, Security
Overview
As a member of the State
RAMP Program Management Office (PMO), you will play a crucial role in addressing security-related challenges. You will identify and document gaps discovered during assessments, communicate these findings effectively, and provide valuable insights during meetings with Cloud Service Providers (CSPs) and representatives from Third-Party Assessment Organizations (3
PAOs).
This position entails evaluating and monitoring the security measures of Cloud Service Providers (CSPs) during the State
RAMP authorization process and throughout the continuous monitoring phase to detect potential security vulnerabilities. The role is crucial for ensuring CSP’s solutions have effectively implemented the NIST SP 800-53 framework and State
RAMP requirements.
Responsibilities
This position is responsible for ensuring that security measures align with the stringent requirements set forth by State
RAMP and the implementation of security technologies across CSP solutions that meet the NIST SP 800-53 framework. This involves conducting thorough assessments of CSP’s system security product for State
RAMP authorization, analyzing and reporting on CSP’s continuous monitoring, and evaluating products in State
RAMP Security Snapshot program. Additionally, the position will analyze reports for areas of risk and deficiencies, assess security vulnerabilities, make recommendations for improvements, and report compliance gaps that could jeopardize data integrity and confidentiality.
Qualifications
Bachelor’s degree in computer science, information technology, information assurance, cybersecurity, or related field.
In lieu of a degree, consideration will be given to an equivalent combination of relatededucationand work experience.
3-5 years of prior experience in information security compliance, information security auditing, vulnerability management, and/or information security with a focus on NIST SP 800-53.
Detailed knowledge of security and privacy standards and best practices, including current NIST Special Publication 800 series (800-53, 800-137, 800-145).
Demonstrate excellentcommunication skillsand the ability to drive reporting and security assessment activities.
One or more of the following security certifications (or other relevant security certifications/experience):
CRISC
CISA
SSCP
CCSP
GCLD
GCIH
Associate of (ISC)2
CompTIA Security+
Certified Ethical Hacker
US Citizenship
Preferred Qualifications:
Experience with one or more of the compliance areas: IRS 1075, MARS-E 2.0, FERPA, NERC, SOC 2, ISO 27001.
Experience with State
RAMP or FedRAMP.
Understanding of major CSPs (AWS, Azure, Google).
Understanding of Agile framework/methodology.
Experience in any of the following areas:
Incident detection, technical writing, vulnerability scanning, system administration, network monitoring, endpoint security, vulnerability remediation, event analysis/investigation, firewall configuration/management.
Additional Information:
This role additionally augments and assists Service Providers and 3
PAOs with guidance, documentation review, and analysis of security packages pre-audit, and provides best practices and guidance to providers working to become State
RAMP Ready and Authorized. The Information Security Analyst will be part of the State
RAMP PMO team and report to the State
RAMP PMO Manager.
Knowledge Services strives to offer an environment that provides our employees with the …
