Yesterday
Public Trust
Mid Level Career (5+ yrs experience)
IT - Security
Washington, DC (On-Site/Office)
Overview:
Planned Systems International (PSI) is an Enterprise IT services company that focuses on designing, building, securing, and operating cutting-edge software solutions that drive mission success and operational excellence for Federal Government organizations. PSI is currently seeking an Information Security Analyst SME to support the Department of Justice (DOJ), Information Security & Validation Staff (ISVS) in enhancing cybersecurity posture across the Risk Management Framework. This position covers planning, implementing, upgrading, and monitoring security measures to safeguard Judiciary systems and infrastructure in alignment with NIST, JISF, and GRC standards.
Essential Functions and Job Responsibilities:
- Plan, implement, and upgrade security controls to protect networks, systems, and data—including securing digital files and infrastructure.
- Monitor systems and respond to security incidents, breaches, and vulnerabilities.
- Develop and manage security documentation (e.g., SSPs, POA&Ms, IRPs, RAMs) following federal GRC and RMF protocols.
- Conduct risk assessments and support system authorization—tailoring RMF control implementation to agency requirements.
- Collaborate with stakeholders to align security strategies with enterprise policies, facilitate continuous monitoring, and report on security posture.
Minimum Requirements:
- Bachelor’s degree in Information Security, Cybersecurity, Computer Science, or related discipline.
- 7–10 years of directly relevant experience, including RMF GRC, security planning, incident management, and enterprise-level risk assessment.
- One or more of the following certifications: CISSP, CISM, CISA, CRISC, CGRC.
- Proven capability in planning, implementing, monitoring, and responding to complex security challenges at the infrastructure and enterprise level.
- Demonstrated ability to apply NIST SP 800-53, SP 800-37, FedRAMP, CSF 2.0, and JISF frameworks.
- Experience with creating and maintaining RMF-driven documentation and managing governance tools.
- Technical skills in vulnerability analysis, risk mitigation, and incident response methodologies.
Desired Qualifications:
- Experience with system categorization IAW NIST SP 800-60.
- Experience with implementing continuous monitoring IAW NIST SP 800-137.
- Incident response experience including development of IR policy, plan, and procedures and creating and executing tabletop exercises.
- Experience using cybersecurity posture management tools and SIEMs to collect and analyze vulnerability data.
- Experience with the Cyber Exchange STIG and SRG library, and the ability to create an applicability matrix of the STIGs and SRGs that apply to a system.
- Experience with the DOJ Cyber Security Assessment and Management Application (CSAM).
group id: RTL413949