Information Assurance Analyst Job at Gunnison Consulting Group Inc

Gunnison Consulting Group Inc Remote

We are seeking a motivated and customer-oriented professional to support our HHS client. HHS and its Operating Divisions (OpDivs) are charged with ensuring compliance with the mandates outlined by FISMA. In compliance with such mandates, HHS leads several initiatives to ensure the OpDivs report their organization's security and privacy posture in an accurate, timely, and consistent manner. The HHS OIS Enterprise Compliance Team has ongoing activities required to be performed on a daily, monthly, quarterly and annual basis as mandated by OMB through FISMA.

Duties and responsibilities include:

  • Collect and analyze the FISMA data submitted by OpDivs and HHS Department Points of Contact (POCs)
  • Coordinate with the HHS Federal Information Technology Acquisition Reform Act (FITARA) team, Enterprise Architecture (EA), Policy, Enterprise Performance Lifecycle (EPLC), and Capital Planning and Investment Control (CPIC) teams to ensure all FISMA requirements are in alignment
  • Analyze and interpret DHS/Office of Management and Budget (OMB) Fiscal Year (FY) CIO FISMA metrics
  • Support OS Vulnerability Management providing OS stakeholders/StaffDivs with policy, OMB and NIST guidance and recommendations
  • Review and analyze OpDiv submitted FISMA metrics
  • Consolidate the OpDivs' reporting templates
  • Support the creation of the annual FISMA report which includes the CIO, Senior Agency Official for Privacy (SAOP), and Inspector General (IG) reports
  • Facilitate the monthly HHS FISMA working group meetings with OpDivs
  • Coordinate the development of the SAOP report with the HHS Privacy Team
  • Review and provide feedback on the draft OIG report to the HHS OIG
  • Manage the approval of the annual FISMA report by the HHS OCIO, Assistant Secretary of Administration (ASA), and Secretary and submit the HHS Annual FISMA package to DHS/OMB
  • Provide policy support for both the HHS enterprise and OS levels; analyze existing policies and provide recommendations
  • Communicate OMB and National Institute for Standards and Technology (NIST) guidance to all HHS stakeholders in a timely manner
  • Monitor the Cybersecurity mailbox and provide timely responses to all inquiries
  • Monitor the FISMA mailbox and provide timely responses to all inquiries; examples include but are not limited to OMB/DHS reporting requirements and ad-hoc inquiries, copies of HHS Department policies, and HHS guidance on FISMA metrics
  • Provide FISMA support to OS Cybersecurity in the areas of:
    • FISMA related data calls and reporting
    • Assistance with the aggregation, consolidation and analysis of all OS FISMA data

Required Qualifications:

  • 2+ years of recent experience with FISMA or FISMA related products and information.
  • Demonstrated expertise in Microsoft Office tool suite, specifically proficiency in MS Excel.
  • Awareness of current information security issues and the ability to interpret the requirements of relevant policies and standards set forth in NIST documentation.
  • Ability to assess and weigh current and evolving security risks in an operational environment.
  • Proven problem management skills with the ability to think critically.
  • Must be able to leverage technology and apply critical thinking to gather, aggregate, and analyze data, and present results to senior clients.
  • Ability to work effectively in a team management environment and participate in collaborative initiatives which foster the mutual exchange of knowledge and expertise.
  • Ability to make decisions and resolve problems effectively: seek out information and data to evaluate, prioritize, and formulate the best solution or practice.
  • Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.
  • Effectively navigate the political landscape and build and strengthen relationships at all levels, including other HHS OpDivs and government vendor partners.
  • Experience shall be in a related security technology or discipline such as security assessments (planning & compliance, architecture, audits, risk & vulnerability identification), creating and implementing security concepts and policy, encryption technology, firewall technology, information protection and/or security training and awareness.
  • This job requires interaction with scientists, program managers, senior executives, end-users, programming staff, administration, and support personnel.
  • Ability to effectively communicate ideas and concepts both orally and in written documents is critical.
  • The ability to use reliable and secure equipment and work independently and remotely using digital tools is required.
  • Ability to translate tactical issues and address them from a strategic perspective.
  • Ability to function in a fast-paced environment and effectively manage multiple tasks simultaneously; coordinating resources and ensuring scheduled goals are met.

Education Requirement: Bachelor's degree in related field preferred. May be substituted with equivalent work experience.

Certification Requirement: Professional certification obtained through ISC2 or ISACA (ex: CISSP, CISM, CISA) preferred.

Clearance Requirement: Ability to obtain and maintain a Public Trust.

Why Join Gunnison?

  • Gunnison takes on ambitious projects. We target fun, challenging work that requires creative thinking and innovation.
  • Quality is our top priority.
  • Gunnison employee benefits meet or exceed what other companies in the Washington, D.C. metropolitan area offer.
  • As a small firm there is a great sense of camaraderie at Gunnison. Employees are treated like family. This is an atmosphere we will maintain as we continue to grow.
  • We are growing rapidly and the opportunity for individual professional growth with Gunnison is outstanding.
  • We hire for careers at Gunnison, not to fill a position.

Employee Benefits

Gunnison employee benefits meet or beat other companies in the Washington, D.C. metropolitan area, including:

  • Bonuses AND profit-sharing!
  • 401k Matching
  • Certifications and training allowance $2,500/year
  • 3 weeks of personal leave your first year (160 hours can roll over every year)


Equal Opportunity/Affirmative Action Employer. Must be eligible for employment in the United States. We are unable to sponsor candidates at this time.

In 1994 Gunnison Consulting Group began serving the greater Washington, D.C. metro area, focused on tackling our customers' most ambitious technology projects. By creating a culture dedicated to enabling our customers and employees to achieve more than they ever thought they could, the company has thrived for over 25 years.



