Information Security Analyst - Senior
| Estimated Pay | $20 per hour |
|---|---|
| Hours | Full-time, Part-time |
| Location | Vienna, Virginia |
Compare Pay (estimated pay): $14.11, $20.02, $32.31
About this job
Job Description
Provides technical support to the mission-critical Digital Identity Risk Assessment (DIRA) process in accordance with NIST SP 800-63-3, 63A, 63B, and 63C. Must be familiar with NIST, FISMA, OMB, Treasury, and IRM compliant Digital Identity Risk Assessments, Risk Analysis, and related governance and activities to protect IRS Taxpayer data. Supports the IRS DIRA Manager and Task/Lead with maintenance of the DIRA schedule for reassessments, DIRA data collections, analysis, working groups, scheduling, meeting minutes, and development of DIRA artifacts (DIRA Tool reports, Digital Identity Acceptance Statements (DIAS), DIAS Addendums, briefing slides, etc.).
Supports review of and updates to the DIRA process (e.g., Standard Operating Procedures) and tool to address changes in the DIRA operating environment. Provides technical advice and support to IRS in developing a new risk assessment component for Ongoing Assessment or transactions, including continuous risk factors, monitoring criteria and metrics, scoring and weighting methodologies, assessment workflows, and process governance. Supports the tracking, monitoring, and review of DIRA assessed transactions to validate implemented assurance levels and compensating controls and to evaluate compliance.
Engages with stakeholders (internal and external) through workshops designed to gather input on different aspects of the DIRA process, to continuously improve process components and facilitate collaboration on DIRA implementation. Must have an understanding of and experience performing Risk Analysis and Assessments. Must be able to develop and support executive communications, including CIO briefings and materials, and to support audits and hearings.
Primary duties may include, but are not limited to:
- DIRA Program Management & DIRA SME Support
- Initial and ongoing DIRA assessments
- Annual and/or event driven DIRA assessments
- Development of Digital Identity Acceptance Statements (DIAS)
- DIRA Process Enhancements
- DIRA Stakeholder Workshops
- DIRA Monthly Reports
- DIRA Artifact maintenance
- DIRA Compliance and Monitoring
- DIRA Executive Briefings
Basic Qualifications:
- Expert knowledge of NIST publications (specifically NIST SP 800-63-3, 63A, 63B, and 63C and related updates of NIST publications), OMB, and the Risk Management Framework (RMF)
- Knowledge of FIPS 199
- Knowledge of and experience with technology risk assessments covering web services, network appliances, and software
- Knowledge of and experience with the System Development Lifecycle (SDLC) and Enterprise Lifecycle
- Knowledge of system interconnections, including VPN and other encryption technologies
- IT security knowledge, with a desired professional certification from (ISC)², ISA, PMI, CompTIA (minimum Security+), or SANS
Clearance:
- Must be a US citizen.
- Must be able to maintain a security clearance, specifically IRS Public Trust.