Coalfire Federal is a market leading cybersecurity consultancy firm that provides independent and tailored advice, assessments, technical testing and a full suite of cyber engineering services to Federal agency customers.  Coalfire Federal along with its parent company, Coalfire, has an unparalleled client list with deep customer relationships with leading cloud and technology providers including Amazon, Microsoft, IBM, Google and Oracle and Federal agencies.  Coalfire has been a cybersecurity thought leader for over 20 years and has offices throughout the United States and Europe and is committed to making the world a safer place by solving our clients’ toughest security challenges. 

But that’s not who we are – that’s just what we do.

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.  

We’re currently seeking a Senior System Security Analyst to support our Federal team.

Position Summary 

This position will potentially be supporting a government customer's Security Assessment and AI Pilot program, therefore previous experience emphasizing NIST AI RIsk Management Framework will be required. 

Location Details

Remote with occasional meetings at the customer site in Rockville, MD.
Open to local candidates in the Washington, D.C. / Northern VA / Maryland areas. 

• Support federal customers and provide a firm understanding of how to apply the principles of information security in a variety of circumstances and security requirements into common technical implementations
• Support customers with implementing the core principles of the NIST AI Risk Management Framework
• Support teams in the review and analysis of Security Packages for completeness and compliance with FedRAMP/DoD/NIST requirements
• Assist in the development of Risk Assessment Reports (RAR), and security briefings
• Validate Cloud Service Provider (CSP) compliance with FedRAMP/DoD/NIST security control baselines through review of evidence, testing, interviews, and analysis of scans, etc
• Familiarity with SSP, SAP, SAR, Plan of Action and Milestones (POA&M) Report, Deviation Requests, Significant Change Requests, Continuous Monitoring artifacts is required
• Conduct client interviews to assess the technical and operational effectiveness of security control implementations
• Assess existing security environments to validate that security implementations remain up to date throughout the life cycle of a system or environment

• Knowledge of the NIST AI Risk Management Framework
• Knowledge of computer networking concepts and protocols, and network security methodologies.
• Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
• Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
• Knowledge of cybersecurity and privacy principles.
• Knowledge of cyber threats and vulnerabilities.
• Knowledge of critical infrastructure systems with information communication technology that were designed without system security considerations.
• Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).

Education 

Completed Bachelor’s degree from an accredited university, preferably in an IT related field.

Clearance / Suitability 

Ability to obtain a clearance or a Public Trust is preferred, however all clearance levels and non-cleared applicants will also be considered.

Certifications 
One or more of the following: CISSP or CISM 

Years of Experience 

At minimum 7 years of information security experience relative to the position qualifications.

• Knowledge of GRC tools e.g., CSAM

Our people make Coalfire Federal great. We work together on interesting things and achieve exceptional results. We act as trusted advisors to our customers and are committed to client-focused innovation as well as innovation in the industries that we serve.

Coalfire offers our people the chance to grow professionally with colleagues they like and respect while tackling challenges that stretch their minds and expand their skill sets. Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more.

You’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support memberships, and comprehensive insurance options.  

Coalfire is an EEO employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.