Cyber-Security Risk Analyst
Raleigh, NC, United States
Full Time Entry-level / Junior USD 90K - 141K
Noblis
At Noblis, innovation is our common thread. We’re a dynamic science, technology and engineering company dedicated to creating forward-thinking technical and advisory solutions in the public interest, for the best of reasons.
Responsibilities
Noblis is seeking a Cyber Security Subject Matter Expert (SME) to consult with a Federal client on the availability, appropriateness and procurement of Cyber Security solutions. The candidate will lead Governance, Compliance and Risk (GRC) efforts and drive organizational strategy to manage governance and risk while maintaining compliance with industry and government regulations. Candidates will organize, access, and analyze cybersecurity risk assessments to drive impactful risk mitigation strategies. Candidates will identify and assess the cyber risks associated with external parties, monitor third party performance and ensure external control effectiveness.
In addition, the candidate will assist with the development, management, and execution of government acquisition of information security services and support. Responsibilities include market analysis; requirements development; drafting statements of work; supporting RFP activities; evaluating vendor responses for technical, past performance, and cost reasonableness; supporting evaluations; and making or recommending source selection decisions. Successful candidates will conduct ongoing program activities, including processing contract modifications and analyzing cost savings.
As part of a Noblis team, candidates will work closely with government clients to understand current issues and challenges, generate practical and effective solutions, and assist with acquisition/deployment/management of those solutions, typically working “on the government side of the table” as an unbiased, trusted partner.
Technical:
- Experience with compliance with industry and government regulations such as SOC 1, SOC 2, FedRAMP, NIST SP 800-53, Risk Management Framework, PCI DSS.
- Experience with GRC methods, tools, and/or software solutions to achieve secure performance, alignment with IT and business goals, and address risks for a large Federal organization.
- Research and conduct market analysis of Cyber Security solutions.
- Apply information assurance principles; define and document system requirements; support planning and scheduling activities; perform technical analyses of vendor capabilities; perform feasibility analyses and technical risk assessments.
- Working independently with general instruction, adapt and apply Noblis’ principles, concepts, processes, tools and methodologies to solve real-world problems in a team environment.
- Develop and apply knowledge of Federal acquisition practices and regulations to the competitive best value procurement of information security services.
- Prepare and/or contribute to technical reports, memos, analyses and briefings. Plan and manage assigned deliverables.
- Gather and document business and technical requirements.
- Knowledge of contract management activities is a plus.
- Support meetings, inter-team communication, and issue resolution with the client and internal/project stakeholder groups.
- Work closely and collaboratively with Noblis and customer team leaders and members.
Required Qualifications
- A Bachelor’s degree in a business or technical discipline such as Electrical or Systems Engineering, Computer Science, etc., with 9 years of experience OR a Master's degree in a business or technical discipline such as Electrical or Systems Engineering, Computer Science, etc., with 6 years of experience.
- Knowledge of one or more relevant technical subject areas within information security, intrusion detection, compliance assessment & audit, incident response. High preference for GRC expertise.
- Familiarity with relevant Federal technology issues, policies, regulations or practices.
- Experience with or knowledge of government acquisition/contracting practices, programs and regulations (FAR, DFAR, etc.) is especially useful.
- Ability to obtain and maintain a public trust (US citizenship OR green card holder living in the US for at least 5 years).
Hybrid position, 2 days on-site at either Raleigh, NC (preferred) or Falls Church, VA.
Desired Qualifications
- Excellent communication, collaboration, presentation, and leadership skills. Proven results-oriented problem solving abilities. Facility with presentation graphics and/or spreadsheet tools highly desirable.
- Ability to work in a dynamic team-oriented environment, demonstrate teamwork and initiative, and function productively in the face of new assignments and the re-prioritization of existing assignments.
The following certifications are preferred but not required:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Auditor (CISA)
- Certified Ethical Hacker (CEH)
- Security+
- GIAC Information Security Fundamentals (GISF)
Overview
Noblis and our wholly owned subsidiaries, Noblis ESI, and Noblis MSD tackle the nation's toughest problems and apply advanced solutions to our clients' most critical missions. We bring the best of scientific thought, management, and engineering expertise together in an environment of independence and objectivity to deliver enduring impact on federal missions. Noblis works with a wide range of government clients in the defense, intelligence and federal civil sectors. Learn more at Noblis - About Us.
Why work at a Noblis company?
Our employees find greater meaning in their work and balance the other things in life that matter to them. Our people are our greatest asset. They are exceptionally skilled, knowledgeable, team-oriented, and mission-driven individuals who want to do work that matters and benefits the public. Noblis has won numerous workplace awards. Noblis maintains a drug-free workplace.
Total Rewards
At Noblis we recognize and reward your contributions, provide you with growth opportunities, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, and work-life programs. Our award programs acknowledge employees for exceptional performance and superior demonstration of our service standards. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in our benefit programs. Other offerings may be provided for employees not within this category. We encourage you to learn more about our total benefits by visiting the Benefits page on our Careers site.
Compensation at Noblis is determined by various factors, including but not limited to, the combination of education, certifications, knowledge, skills, competencies, and experience, internal and external equity, location, clearance level, as well as contract-specific affordability, organizational requirements and applicable employment laws. The projected compensation range for this position is based on full time status. For part time or on-call staff, compensation is proportionately adjusted based on hours worked. While monetary compensation is important, it's just one component of Noblis’ total compensation package.
Posted Salary Range
USD $90,300.00 - USD $141,075.00 /Yr.
Equal Employment Opportunity
Noblis is an Equal Opportunity Employer. Employment decisions are made without regard to race (as well as because of or on the basis of traits historically associated with race, including hair texture, hair type, and protective hairstyles such as braids, locks, and twists), color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, pregnancy, childbirth, lactation and related medical conditions, genetic factors, military/veteran status, or other characteristics protected by law.
Noblis is committed to the full inclusion of all qualified individuals. As part of this commitment, Noblis will ensure that persons with disabilities are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact employee-relations@noblis.org.
Tags: CEH CISA CISSP Clearance Compliance Computer Science FedRAMP GIAC Governance Incident response Intrusion detection NIST NIST 800-53 PCI DSS RFPs Risk assessment Risk management RMF SOC SOC 1 SOC 2 Strategy
Perks/benefits: Career development Competitive pay Equity / stock options Health care Medical leave Startup environment