Hill Associates, a leading IT Consultant, is searching for a Mid-Level Security Analyst. The ideal candidate will have prior experience with assessments or audits of Federal Government Agency information security programs’ compliance with the Federal Information Security Modernization Act (FISMA). FISMA establishes a set of IT security guidelines and objectives that Federal Agencies are required to meet.

The Department of Treasury is the executive agency responsible for promoting economic prosperity and ensuring the financial security of the United States. Treasury operates and maintains systems that are critical to the nation’s financial infrastructure, such as the production of coin and currency, the disbursement of payments to the American public, revenue collection, and the borrowing of funds necessary to run the federal government. It is important for cybersecurity professionals and executive leadership within Treasury to understand the cybersecurity posture and risk for these mission-critical systems.

This is a premier opportunity to join a team with a mandate to provide information security protections that mitigate unauthorized access, use, disclosure, disruption, modification, or destruction of information and information systems. These protections aim to keep Treasury Department information and operations safe from cybersecurity threats and must comply with the requirements of FISMA and related Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) policies and guidance.

If you are a skilled Cybersecurity professional with expertise in audit or assessments, and thrive in a fast-paced, collaborative environment, then we want to hear from you!

This position would operate under a temporary telework policy, in compliance with Federal Government and the Department of Treasury mandates. Under normal circumstances, the work is located at a Metro-accessible (two-block walk) location in Washington, DC.

No travel outside the DC metro area is anticipated.

What You’ll Get to Do:

  • Be a key member on a team of risk, cyber, and IT specialists.

  • Provide leadership in a fast-paced team environment.

  • Interact with leadership and staff across the Agency and its Bureaus.

  • Consult with various stakeholders to develop strategies and policies with significant consideration to FISMA compliance.

  • Assist in the collection, analysis, and reporting of Treasury-specific security measures to support decisions regarding Treasury’s cybersecurity posture and continuous improvement.

  • Perform liaison and coordination activities pertaining to FISMA audits.

  • Support data calls and prepare technical reports and high-level summaries to senior management.

  • Effectively communicate FISMA audit findings via presentations, training, and briefings.

  • Conduct pre- or post-audit examinations of Departmental programs to evaluate the adequacy and effectiveness of Treasury’s internal controls relative to FISMA and other applicable legislation.

  • Perform quality reviews of audit reports, surveys, and special studies; report findings and recommend further corrective actions, including changes in Departmental policies and guidance as required.

  • Track to closure prior audit findings of all independent cybersecurity audits and reviews (FISMA, GAO, and OCIO).

  • Ensure program performance meets Government contract requirements.

You’ll Bring These Qualifications:

  • U.S. Citizen

  • Ability to obtain and maintain public trust clearance level.

  • Minimum of a bachelor’s degree in Risk Management, IT Security, Cybersecurity, or related IT fields.

  • Preferred Certifications: Certified Information Systems Auditor (CISA); comparable IT audit professional certification

  • At least 3-5 years’ experience in cybersecurity (architecture) related technical functions.

  • At least 1 year of experience as an IT Auditor in a DOD/Federal Agency environment.

  • Experience with FISMA, NIST SP 800 series, FISCAM, and other relevant Federal Government information assurance laws, regulations, and guidance.

  • Knowledge of generally accepted government auditing standards and familiarity with findings, recommendations, and corrective action plans.

  • Demonstrated knowledge (from work experience or classroom instruction) of industry standard network and system security policy statements and requirements, including, but not limited to, network security, host security, procedural security, physical security, and personnel security.

  • Ability to develop and present reports and findings.

  • Ability to work collaboratively across teams.

  • Experience working with senior level management.

  • Experience with Microsoft Office applications.

What We Can Offer You:

Hill Associates offers a comprehensive, total rewards package, including competitive compensation and a flexible benefits package. We are an affirmative action and equal opportunity employer committed to creating a diverse and supportive workplace. Employment decisions will be made without regard to race, color, religion, sex, age, national origin, military status, veteran status, handicap, physical or mental disability, sexual orientation, gender identity, genetic information or other characteristics protected by law. All information you provide will be kept confidential. Please contact Hill Associates at 202-656-6505 or via email at careers@hillasc.com.