IT Analyst IV (Senior) - FISMA Program Support (15.27) at OCT Consulting LLC
Washington, DC 20590, USA
Full Time


Start Date

Immediate

Expiry Date

12 Oct, 25

Salary

70000.0

Posted On

13 Jul, 25

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Tableau, Security Controls, Business Analysis, Database Applications, Risk Management Framework, Systems Analysis, CSF, Hyperion, Excel, Root, PowerPoint, Communication Skills, RMF, CSAM, Data Systems, Information Assurance, Visio, Power BI

Industry

Information Technology/IT

Description

IT ANALYST IV (SENIOR) - FISMA PROGRAM SUPPORT (15.27)

OCT Consulting is a business management and technology consulting firm that provides support to Federal Government clients. We provide consulting services in the areas of Strategy, Process Improvement, Change Management, Program and Project Management, Acquisition/Procurement, and Information Technology.

QUALIFICATIONS/REQUIREMENTS

  • Must be a U.S. Citizen
  • Minimum 5 years of experience working with NIST security controls and information assurance
  • 4+ years of experience working and supporting HVAs as part of the NIST Risk Management Framework (RMF) process
  • Experience in development of Federal and Agency level cybersecurity program documentation
  • Experience working with federal cybersecurity compliance requirements and assessments
  • Security+ certification or equivalent cybersecurity certification
  • Understanding of Federal Information Security Modernization Act 2014 (FISMA)
  • Understanding of NIST Risk Management Framework (RMF)
  • Understanding of NIST Cybersecurity Framework (CSF)
  • Knowledge of information assurance, cybersecurity, and privacy policies, disciplines, and methodologies
  • Understanding of CSAM reporting and controls management
  • Comprehensive understanding of Systems Analysis, Business Analysis, and Business Intelligence principles
  • Ability to design, manage, and deploy data systems, reports, and dynamic dashboards
  • Knowledge of specialized Business Intelligence software, SQL query language, Microsoft SharePoint, and database applications (Tableau, BI 360 & Power BI, Hyperion, SQL Reporting Services preferred)
  • Proficiency in Microsoft tools: Word, Excel, Project, PowerPoint, and Visio
  • Ability to present analytic findings, extract data from multiple sources, and conduct root cause analysis
  • Excellent oral and written communication skills
Responsibilities

RESPONSIBILITIES AND DUTIES

OCT currently has an opening for an IT Analyst IV (Senior) - FISMA Program Support to work with our federal client. The IT Analyst IV will provide comprehensive program support to DOT’s Director of FISMA and HVA Compliance, assisting in the evaluation, implementation, and improvement of the USDOT’s FISMA program in accordance with federal mandates and cybersecurity requirements. This position is contingent upon contract award.

PRIMARY JOB DUTIES

  • Support evaluation of information security systems and programs in accordance with OMB M-23-03, M-19-03, Executive Orders, and Federal Information Security guidance
  • Assist in implementing goals to improve FISMA compliance through NIST Cybersecurity Framework (CSF) alignment
  • Support development and modification of program plans to improve FISMA compliance
  • Conduct comprehensive assessments of DOT’s current cybersecurity practices, systems, and controls
  • Develop current cybersecurity profiles representing existing cybersecurity posture
  • Create target profiles outlining desired cybersecurity outcomes aligned with NIST CSF
  • Analyze gaps between current and target cybersecurity profiles
  • Develop detailed corrective action plans (CAP) to address identified gaps
  • Execute identified actions and initiatives outlined in corrective action plans
  • Conduct monthly performance reviews on Operating Administration (OA) systems
  • Implement robust monitoring and measurement frameworks for continuous cybersecurity assessment
  • Provide feedback to ensure Risk Management Framework (RMF) is properly managed
  • Support enhancement of dashboards for visualizing security metrics
  • Facilitate annual discussions with key system stakeholders to review system portfolios