Information Security​/Privacy Analyst III

Information Security/Privacy Analyst III

Title:
Information Security/Privacy Analyst III

Role:
Information System Security Officer (ISSO)

Location:
Remote (Teleworker - VAT
200 - VA P0)

Pay Rate: $50/hr - $57/hr on W2

This position involves assessing, managing, and mitigating cybersecurity risks while ensuring compliance with NIST RMF, ISO, and other federal or organizational security frameworks. The role is strategic and hands‑on, suitable for senior professionals with deep experience in information assurance, risk management, and compliance.

• Conduct threat and vulnerability assessments for IT systems and applications (including cloud).
• Identify deviations from policies and standards.
• Recommend and implement mitigation strategies.
• Perform and document security control assessments (NIST RMF, ISO 27001/27002).

• Support A&A processes.
• Validate documentation and accreditation packages to ensure systems meet IA/security requirements.
• Serve as SME for USPS A&A processes, guiding stakeholders and new team members.

• Utilize GRC tools to manage A&A workflows.
• Develop and maintain security blueprints, principles, and standards.
• Ensure enterprise IT systems are secure, consistent, and aligned with organizational objectives.

• Experience with network and vulnerability scanning tools (e.g., Nessus, Qualys, Rapid7).
• Strong understanding of security architecture and infrastructure hardening.
• Apply best practices for secure system design and configuration.

• Manage multiple large‑scale projects with high complexity and risk.
• Collaborate effectively with stakeholders, cross‑functional teams, and executives.
• Maintain detailed schedules and actionable project plans.
• Communicate security risks, findings, and recommendations clearly to technical and non‑technical audiences.

• 8–12 years of relevant security or IT risk management experience.
• Bachelor’s degree in a relevant field (or 4 additional years of experience if unrelated).
• Certifications:
  
  Likely CISSP, CISM, Security+, CAP, or similar.

• Must pass a security clearance process (drug, criminal, and credit checks).
• U.S. Citizen or Permanent Resident (Green Card holder).
• No more than 6 months of travel abroad in the past 5 years (military service excluded).
• Dress code:
  Business casual.
• Overtime requires prior written authorization.

• Expertise in NIST RMF and FISMA compliance.
• Practical knowledge of A&A processes and GRC tools.
• Familiarity with cloud security (AWS, Azure, GCP).
• Experience with risk management documentation (e.g., SSPs, POA&Ms).
• Excellent organizational, communication, and leadership abilities.
• Proven ability to handle multiple high‑risk projects simultaneously.

We are an Equal Opportunity Employer and value the benefits of diversity in our workplace.

Seneca Resources is a client‑driven provider of strategic Information Technology consulting services and Workforce Solutions to government and industry. We are a leading IT services provider with offices in Reston, Virginia, Alabama and Columbia, Maryland, servicing clients throughout the United States. We challenge our staff through engaging work, offering competitive compensation, extensive professional training, and excellent opportunities for career advancement.