Internship Rmf Analyst Jobs in Washington, DC (NOW HIRING)

TIAG is now hiring a Cybersecurity Analyst to join our team full time in Arlington, VA. The position is 100% onsite in Arlington and requires an active Secret Clearance to start work. 

Responsibilities include:

• Continuously monitors information systems for security threats, vulnerabilities, and breaches. Utilize security tools to analyze alerts and take appropriate action.
• Conducts regular risk assessments and vulnerability analyses to identify potential security weaknesses and recommends remediation strategies.
• Utilize DISA STIG Viewer to assess, document, and track system compliance with Security Technical Implementation Guides (STIGs), including performing checklist reviews, recording findings, and generating compliance reports.
• Supports the Assessment and Authorization (A&A) process as part of the Risk Management Framework (RMF) for multifaceted systems, networks and enclaves.
• Assists with risk mitigation through management of the Plan of Action and Milestones (POA&M) process. Verifies actions taken by internal IT support teams satisfy risk mitigation.
• Assists in the development and implementation of information assurance policies and procedures to ensure compliance with organizational and regulatory requirements.
• Support incident response efforts, including investigating security incidents, documenting findings, and coordinating with relevant teams for remediation.
• Maintains accurate documentation of security incidents, assessments, and compliance activities for audit and reporting purposes.
• Participates in internal and external audits to assess compliance with security policies and regulatory requirements; provide recommendations for improvement.
• Works closely with IT staff and other departments to ensure that security measures are integrated into system development and operational processes.

• 4+ years of professional experience in information security, risk management, or a related field, including internships or coursework.
• Basic knowledge of security tools, network security principles, and vulnerability assessment methodologies.
• Working experience with the DoD’s Assured Compliance Assessment Solution (ACAS) tool is preferred: 
• Basic knowledge of U.S. Government security policy including Department of Defense and appropriate civil agencies such as NIST, as well as commercial “best practices”.
• Working knowledge of standard information security products including firewalls, intrusion detection systems, anti-virus systems, vulnerability testing, and security analysis tools.
• Familiarity with STIG Viewer
• Exposure to the Risk Management Framework (RMF) and the A&A process.
• Exposure to a Governance, Risk and Compliance (GRC) tool such as eMASS (preferred), CSAM or XACTA.
• Exposure to cloud computing implementation and maintenance preferably with AWS.
• Strong analytical and problem-solving skills, with the ability to assess complex security issues and propose solutions.
• Excellent verbal and written communication skills; ability to explain technical concepts to non-technical stakeholders.
• Ability to work effectively both independently and as part of a team in a fast-paced environment.
• Active Secret Clearance or current interim
• Associate's degree with 4 years of experience or a Bachelor's degree and 2 years of experience
• IAT Level I certification
• CompTIA A+, Network+, CCNA (Security+ satisfies the requirement)
• Computing environment certification (e.g., Server+, Linux+, AWS Certified Solution Architect (or equivalent)

TIAG is an equal opportunity employer and federal contractor or subcontractor.  Consequently, the parties agree that, as applicable, they will abide by the requirements of 41 CFR 60-1.4(a), 41 CFR 60-300.5(a), and 41 CFR 60-741.5(a)  and employment decisions shall be based solely on merit and without regard disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations. TIAG takes proactive steps to employ and advance in employment qualified individuals without regard to disability or protected veteran status.  The parties also agree that, as applicable, they will abide by the requirements and may be subject and required to take action pursuant to the following laws and accompanying regulations:

The Vietnam Era Veterans Readjustment Assistance Act of 1974, as amended (and its implementing regulations at 41 C.F.R. 60-300);
Section 503 of the Rehabilitation Act of 1973, as amended (and its implementing regulations at 41 C.F.R 60-741); and 
Executive Order 13496 (and its implementing regulations at 29 C.F.R. part 471, Appendix A to Subpart A).