Information Security/Privacy Analyst III

Title: Information Security/Privacy Analyst III Role: Information System Security Officer (ISSO) Location: Remote (Teleworker - VAT200 - VA P0) Pay Rate: $50/hr - $57/hr on W2 This position involves assessing, managing, and mitigating cybersecurity risks while ensuring compliance with NIST RMF, ISO, and other federal or organizational security frameworks. The role is strategic and hands-on, suitable for senior professionals with deep experience in information assurance, risk management, and compliance. Key Responsibilities 1. Risk and Vulnerability Management • Conduct threat and vulnerability assessments for IT systems and applications (including cloud). • Identify deviations from policies and standards. • Recommend and implement mitigation strategies. • Perform and document security control assessments (NIST RMF, ISO 27001/27002). 2. Compliance & Authorization • Support A&A (Assessment and Authorization) processes. • Validate documentation and accreditation packages to ensure systems meet IA/security requirements. • Serve as SME for USPS A&A processes, guiding stakeholders and new team members. 3. Governance & Architecture • Utilize GRC tools to manage A&A workflows. • Develop and maintain security blueprints, principles, and standards. • Ensure enterprise IT systems are secure, consistent, and aligned with organizational objectives. 4. Technical & Tool Proficiency • Experience with network and vulnerability scanning tools (e.g., Nessus, Qualys, Rapid7). • Strong understanding of security architecture and infrastructure hardening. • Apply best practices for secure system design and configuration. 5. Leadership & Communication • Manage multiple large-scale projects with high complexity and risk. • Collaborate effectively with stakeholders, cross-functional teams, and executives. • Maintain detailed schedules and actionable project plans. • Communicate security risks, findings, and recommendations clearly to technical and non-technical audiences. Experience & Education Requirements • Experience: 8-12 years of relevant security or IT risk management experience. • Education: Bachelor's degree in a relevant field (or 4 additional years of experience if unrelated). • Certifications: May be required depending on the project (likely CISSP, CISM, Security+, CAP, or similar). Additional Requirements • Must pass a security clearance process (drug, criminal, and credit checks). • U.S. Citizen or Permanent Resident (Green Card holder). • No more than 6 months of travel abroad in the past 5 years (military service excluded). • Dress code: Business casual. • Overtime requires prior written authorization. Ideal Candidate We are looking for: • Expertise in NIST RMF and FISMA compliance. • Practical knowledge of A&A processes and GRC tools. • Familiarity with cloud security (AWS, Azure, GCP). • Experience with risk management documentation (e.g., SSPs, POA&Ms). • Excellent organizational, communication, and leadership abilities. • Proven ability to handle multiple high-risk projects simultaneously. About Seneca Resources: Seneca Resources is client driven provider of strategic Information Technology consulting services and Workforce Solutions to government and industry. Seneca Resources is a leading IT services provider with offices in Reston, Virginia, Alabama and Columbia, Maryland that service clients throughout the United States. The key to our success lies within our strong corporate culture which drives our business. We challenge our staff through engaging work, and we reward our staff through competitive compensation, extensive professional training, and excellent opportunities for career advancement. In turn, we look for only the best and brightest to join our team. We are an Equal Opportunity Employer and value the benefits of diversity in our workplace. Apply tot his job