Senior Information Security Analyst

As a member of the StateRAMP Program Management Office (PMO), you will play a crucial role in addressing security-related challenges. You will identify and document gaps discovered during assessments, communicate these findings effectively, and provide valuable insights during meetings with Cloud Service Providers (CSPs) and representatives from Third-Party Assessment Organizations (3PAOs).

This position entails evaluating and monitoring the security measures of Cloud Service Providers (CSPs) during the StateRAMP authorization process and throughout the continuous monitoring phase to detect potential security vulnerabilities. The role is crucial for ensuring CSP’s solutions have effectively implemented the NIST SP 800-53 framework and StateRAMP requirements.

This position is responsible for ensuring that security measures align with the stringent requirements set forth by StateRAMP and the implementation of security technologies across CSP solutions that meet the NIST SP 800-53 framework.  This involves conducting thorough assessments of CSP ‘s system security product for StateRAMP authorization, analyzing and reporting on CSP’s continuous monitoring, and evaluating products in StateRAMP Security Snapshot program.  Additionally, the position will analyze reports for areas of risk and deficiencies, assess security vulnerabilities, make recommendations for improvements, and report compliance gaps that could jeopardize data integrity and confidentiality.

• Bachelor’s degree in computer science, information technology, information assurance, cybersecurity, or related field.
• In lieu of a degree, consideration will be given to an equivalent combination of related education and work experience.
• 3-5 years of prior experience in information security compliance, information security auditing, vulnerability management, and/or information security with a focus on NIST SP 800-53.
• Detailed knowledge of security and privacy standards and best practices, including current NIST Special Publication 800 series (800-53, 800-137, 800-145).
• Demonstrate excellent communication skills and the ability to drive reporting and security assessment activities.
• One or more of the following security certifications (or other relevant security certifications/experience):
• CRISC
• CISA
• SSCP
• CCSP
• GCLD
• GCIH
• Associate of (ISC)²
• CompTIA Security+
• Certified Ethical Hacker
• US Citizenship

Preferred Qualifications:

• Experience with one or more of the compliance areas: IRS 1075, MARS-E 2.0, FERPA, NERC, SOC 2, ISO 27001.
• Experience with StateRAMP or FedRAMP.
• Understanding of major CSPs (AWS, Azure, Google).
• Understanding of Agile framework/methodology.
• Experience in any of the following areas: Incident detection, technical writing, vulnerability scanning, system administration, network monitoring, endpoint security, vulnerability remediation, event analysis/investigation, firewall configuration/management

Additional Information:

This role additionally augments and assists Service Providers and 3PAOs with guidance, documentation review, and analysis of security packages pre-audit, and provides best practices and guidance to providers working to become StateRAMP Ready and Authorized. The Information Security Analyst will part of the StateRAMP PMO team and report to the StateRAMP PMO Manager.

Knowledge Services strives to offer an environment that provides our employees with the right balance between work and family.  

Perks and Benefits include:

• Brand new HQ office full of amenities (gym, rec room, coffee bars, bike room)
• Personal, modern work stations with standing desks and top of the line technology 
• Mindful environment with touchless door entry and hospital grade air filtration system
• Comprehensive health insurance including dental and vision coverage
• Company funded life insurance
• 401k match program (Roth and Traditional options)
• Established Wellness Program
• PTO & Paid Holidays

Knowledge Services, established in 1994 and headquartered in Indianapolis IN, is a certified woman-owned (WBE) professional services organization with over 1500 employees located in offices throughout North America.  Founded by Julie Bielawski, CEO, Guidesoft, Inc. DBA Knowledge Services is an industry leader in Managed Service Programs (MSP), Employer of Record / Payrolling Services, National Recruitment, and Staffing Services.  We provide outstanding services to major organizations in various industries, including; IT, Healthcare, Entertainment, Media, Federal and State Governments, Public Utilities, Telecom, Manufacturing and more.

As such, Knowledge Services is committed to providing opportunities for growth – in our company, in each team member and in our relationships.  We believe titles do not define a person, but provide a framework to each person’s endless potential.  Our focus on improving our team, product and processes drive us every day.  We are guided by our four Pillars that set the foundation of who we are and how we conduct business:  Knowledge, Integrity, Innovation, and Service. 

Knowledge Services is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, pregnancy, age, national origin, disability status, genetic information, protected veteran status, or any other characteristic protected by law.

People with disabilities, veterans, and military families are encouraged to apply.

Applicants with disabilities may contact Human Resources via telephone, e-mail, and other means to request and arrange for accommodations.  If you need assistance to accommodate a disability, you may request an accommodation at any time.  Please contact the Human Resources Team at HR@knowledgeservices.com or 317.806.6102.