Arlington, Virginia, USA
4 days ago
Information Assurance Analyst – Mid
Overview
Goldbelt Nighthawk offers sound solutions in software development and both defensive and proactive cybersecurity. Nighthawk offers an integrated, holistic cybersecurity workforce that is enthusiastic, continuously learning, and progressive. The team is fully committed to implementing dynamic cybersecurity solutions that effectively address the needs of customers. Nighthawk’s flexibility and expertise across the cybersecurity field provide customized solutions to our customers' unique needs.

Summary:
The Information Assurance Analyst – Mid Level will support the Overseas Buildings Operations (OBO) Information System Security Officer (ISSO). The Senior Analyst will act as a subject matter expert (SME) for Federal Assessments & Authorizations (A&A) and will provide sound advice and recommendations to lower risk and improve the overall defensive posture.

Responsibilities
Essential Job Functions:
Assist in performing risk and vulnerability assessments on OBO systems to identify and mitigate potential security risks.
Collaborate with the ISSO and senior team members to analyze risks and recommend security measures.
Assist in planning and preparation for security Assessment and Authorization (A&A) as part of the Department’s Information Assurance policy and Federal Information Security Management Act (FISMA) implementation efforts.
Help implement information security policies, procedures, and guidelines developed in collaboration with senior staff.
Conduct risk assessments, vulnerability assessments, and system audits to identify potential security threats to OBO information systems.
Provide recommendations to mitigate identified risks and ensure compliance with applicable regulations and standards.
Provide support for, and where necessary create, security documentation for the required phases of the DOS A&A process in support of obtaining Authority to Operate (ATO) approvals of OBO systems.
Perform Security Impact Analysis (SIA) review of change requests and provide reporting requirements to system owners.
Analyze and report on security findings identified during assessment.
Create Plan of Action & Milestones (POAMs) for identified security control findings.
Evaluate security control implementations for all OBO system boundaries on a yearly basis.
Assist the OBO ISSO in the creation of a bureau-wide Information Systems Security Policy that will be derived from and aligned with existing Department of State Foreign Affairs Manuals (FAMs) and Foreign Affairs Handbooks (FAHs), as well as aligned with NIST Special Publication 800-53 rev4, Security and Privacy Controls for Federal Information Systems and Organizations.
Perform other duties as assigned.

Qualifications
Necessary Skills and Knowledge:
Excellent communication and interpersonal skills.
Ability to work collaboratively in a team environment and lead initiatives.
Strong analytical and problem-solving skills.

Minimum Qualifications:
Must possess a Bachelor's degree in cybersecurity, computer science, information technology, or a related field; an additional four (4) years of experience may be substituted for a degree.
Minimum 5 years of experience in managing the inventory, categorization, selection and monitoring of security controls for information systems in preparation for the Assessment and Authorization process for new and existing systems.
Experienced in implementing NIST guidance related to the Risk Management Framework and supporting Plan of Action and Milestone (POAMs) review.
Must also have experience in conducting interviews with application and system developers to document system operations surrounding security controls.
Minimum of four (4) years of cybersecurity experience.
US citizen.
Must have a Secret clearance.

Preferred Qualifications:
Certifications: CISSP, CISM, CAP, or other relevant certifications are highly desired.

The salary range for this position is $150,000 to $175,000 annually.

Pay and Benefits
At Goldbelt, we value and reward our team's dedication and hard work. We provide a competitive base salary commensurate with your qualifications and experience. As an employee, you'll enjoy a comprehensive benefits package, including medical, dental, and vision insurance, a 401(k) plan with company matching, tax-deferred savings options, supplementary benefits, paid time off, and professional development opportunities.