Principal Security Analyst (Top Secret Clearance)

Description

Job Title: Principal Security Analyst

Position Type: Full-Time W2, Direct Hire

Yearly Salary: $120,000 - $170,000/year (DOE) + Bonus if candidate has Top Secret (or higher) Security Clearance

Location : In-Office, McLean, VA

Years of Experience Required: 5+ years

Hiring Timeline: Immediate

US Citizenship Requirement: Must be a U.S. Citizen to be eligible for this position
Company: The name of our partner organization will be disclosed during the interview process. This is not a direct role with LaunchCode; it is a position through LaunchCode, working with one of our partner companies.

Disclaimer: We are unable to provide work sponsorship for this role. We are unable to consider candidates for this role who have a current or future work sponsorship need (this includes those holding extended OPT Visas).

Position Summary

The Principal Security Analyst will play a key role in advising and assisting our company partner's federal customers in designing, implementing, and maintaining secure solutions. This position requires a strong understanding of cybersecurity principles, the government's IT security authorization process, and experience with the NIST Risk Management Framework (RMF) and Authority to Operate (ATO) processes. The Senior Analyst will leverage their experience to guide customers through the security authorization process, contribute to the development of secure architectures, and mentor junior team members. This role involves working with cloud platforms such as Amazon Web Services (AWS) and Microsoft Azure in the context of government managed services.

Responsibilities:

Leading and Applying RMF Processes: Independently manage and execute the RMF steps, including system categorization, security control selection, implementation guidance, assessment support, authorization package development, and continuous monitoring for their solutions.

Driving ATO and FedRAMP Authorization: Take ownership of the preparation and management of Authorization to Operate (ATO) packages and lead the FedRAMP authorization process for federal customers, ensuring compliance with federal security standards.

Designing Secure Solutions: Architect secure end-to-end solutions for federal customers leveraging cloud platforms like AWS and Microsoft Azure, applying security best practices and federal requirements.

Mentoring Junior Analysts: Provide guidance and mentorship to junior security analysts, sharing your knowledge and experience in GRC and cybersecurity.

Collaborating with Customers and Internal Teams: Partner directly with federal customers and our company partner's Customer Success team to understand their security requirements and provide expert guidance on implementing cybersecurity strategies . Collaborate with senior cyber advisors to refine security approaches.

Contributing to Security Authorization Strategies: Play a significant role in developing and implementing comprehensive cybersecurity strategies for solution deployments within federal environment.

Maintaining Knowledge of Federal Policies: Stay current with the latest federal cybersecurity policies, standards (including FedRAMP), and best practices to ensure ongoing compliance and effective security authorization support.

Contributing to System Security Packages (SSPs): Lead the development and maintenance of System Security Packages (SSPs) in accordance with RMF requirements.

Qualifications:

Bachelor's degree in any Engineering discipline, Computer Science, Mathematics, Information Technology, or similar work.

An Active Government Clearance (Top Secret and above, without any limitations) is required.

Ability and interest to maintain an Active TS:SCI Clearance (CI or FSP), with the ability and willingness to perform work within cleared facilities (SCIF work is required).

Approximately 5+ years of experience as an IT systems administrator building, maintaining, scripting, patching, & managing hosts, databases, and interconnected Cloud services with significant experience in a security-focused role and a strong understanding of GRC principles.

Demonstrated experience in navigating the NIST Risk Management Framework (RMF) and Authority to Operate (ATO) processes.

Proven ability to contribute to the development of System Security Packages (SSPs).

Experience with cloud platforms such as Amazon Web Services (AWS) and Microsoft Azure, with a focus on security best practices for cloud environments.

Passion for cybersecurity and a strong desire to architect secure solutions for federal customers.

Strong communication and interpersonal skills, with the ability to effectively advise and guide customers