POAM Project Manager/Security Assurance Analyst
Tysons Corner, VA
Ardent MC
Our digital transformation, data science and location intelligence solutions are proven to deliver client mission outcomes.Why do you need to choose between doing important work and having a fulfilling life? At Ardent, we have both. Ardent employees are committed to solving our customers’ most difficult problems—and we are committed to the well-being, personal goals, and professional development of our employees. We are “All In.” We put forth our strongest effort possible to get the mission accomplished and we do it together. We respect the skills and experience you bring to the Ardent team. And we provide a rewarding environment to help you succeed.
We offer highly competitive benefits, professional development opportunities, and an exceptional culture that embraces flexibility, innovation, collaboration, and career growth. A collective service mindset underpins our work, and a shared camaraderie to serve clients, colleagues, and our communities sets us apart. Our full commitment to being "All In" for our employees and our clients is not just our approach, it is our standard. If this sounds like the perfect fit for you, choose Ardent and make a difference with us.
Ardent is seeking a POAM Project Manager/Security Assurance Analyst to join our team.
This is an Onsite position located in Tysons, VA. Remote work is subject to the discretion/needs of the customer.
Position Description:
Ardent is seeking a skilled and detail-oriented POAM Project Manager/Security Assurance Analyst to join our team. In this role, you will collaborate with Information System Security Officers (ISSOs), Information Technology Project Managers (ITPMs), Information System Owners, product owners, database administrators (DBAs), developers, system architects, and testers to ensure that assigned systems are security compliant and achieve/maintain Authority to Operate (ATO). Your expertise in the Risk Management Framework (RMF) process and information security standards will be crucial to our mission.
Responsibilities and Duties:
- Ensure assigned systems are security compliant and maintain ATO by following the RMF process for full tests, partial tests, continuous monitoring (CONMON), and no tests.
- Update and maintain documentation including System Security Plans (SSPs), Security Control Traceability Matrix (SCTM), and Plan of Action and Milestones (POA&Ms).
- Work with engineers to resolve formal security findings from assessments and scans, maintaining the Plan of Action & Milestones (POAM).
- Assist in the implementation of STIG checklists and mitigate scan findings.
- Develop and refine system processes and procedures with built-in security compliance.
- Support security assessment events and respond to inquiries from System and Product Owners, SEVIS team members, and ISSOs.
Requirements:
- Bachelor’s degree in a related field of study with eight (8) or more years of experience in information security OR Additional years of experience in lieu of a degree.
- At least three (3) years of direct experience with, and strong working knowledge of, FISMA and NIST Information Security Guides.
- Six (6) to eight (8) years of experience in an Information Security role, with a demonstrated understanding of regulatory standards, best practices, and common frameworks related to information security.
- Experience performing Security Control Assessments in compliance with NIST SP 800-37, NIST SP 800-53, NIST SP 800-53A, and other NIST 800 guidelines.
- Strong experience in conducting risk analysis and assessments, incorporating feedback from system and mission owners, and addressing unique operational constraints.
Preferred Requirements:
- Excellent communication skills to effectively interact with clients, stakeholders, and team members.
- Proven ability to work efficiently under pressure and resolve time-sensitive issues.
Due to the nature of the work we support, all candidates in consideration for this role must be willing to undergo the government-issued background investigation process.
Ardent is an equal-opportunity employer. We will not discriminate and will take affirmative action measures to ensure against discrimination in employment, recruitment, advertisements for employment, compensation, termination, upgrading, promotions, and other conditions of employment against any employee or job applicant on the basis of race, color, gender, national origin, age, religion, creed, disability, veteran's status, sexual orientation, gender identity or gender expression.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Compliance FISMA Monitoring NIST NIST 800-53 POA&M Risk analysis Risk management RMF SCTM Security assessment System Security Plan
Perks/benefits: Career development Competitive pay Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.