Information Assurance Analyst

  • Full-time
  • Clearance Required: US Citizen

Company Description

A Sea of Choices – One Solution

There are almost as many IT security firms as there are organizations in need of their guidance. The big names boast decades of experience and a global reputation; the smaller names promise personalized work experience with lean operations.

We know there are a lot of firms vying for you. So why choose MindPoint Group?

MindPoint Group – The IT Security Job You’ve Been Looking For

At MindPoint Group, we specialize in one thing: IT security. In fact, our singular focus and reputation as cyber security specialists have earned us roles as trusted advisors to key government decision makers where we help shape IT security policy, engineer innovative security solutions, and support security operations.

At MindPoint Group, we hire only the most driven, most qualified IT security professionals, and we equip them with the tools and resources they need to deliver success. We are profoundly invested in selecting the right people to join our team and are equally driven to retain them for the long term.  And so, when we find the right fit, we make it work. We offer challenging, growth-oriented assignments. Our collaborative culture unites our staff. And we reward employees with a competitive and exceptional benefits package.

Company Mission

MindPoint Group is deeply committed to our mission to become a trusted partner by consistently delivering proven, on point services to our clients. We strive to provide an organizational culture that fosters innovation, technical excellence, dedication to repeatable processes, and attention to detail. We believe that by empowering our employees to excel and providing them with the means to do so, MindPoint Group will consistently exceed our customers’ expectations.

Job Description

MindPoint Group is seeking an Information Assurance Analyst who will be directly responsible for reviewing and editing security documents for consistency, accuracy and compliance with regulatory policies for our government client. The Information Assurance Analyst is responsible for knowing all applicable federal mandates, how and where these mandates tie into government agency orders, policies, instructions, standards, handbooks and guides, as well as the impact of the security requirements on client systems and mission. The Information Assurance Analyst will be responsible for developing Security Authorization/SA&A packages for federal systems using NIST guidelines and their disaster recovery/contingency planning experience. The Information Assurance Analyst must be able to research information security vulnerabilities and identify necessary information security safeguards to implement in order to protect Information Technology (IT) assets. The Information Assurance Analyst supports the client by coordinating interviews and reviewing deliverables for accuracy with audit requests. Tasking includes:

• Establish and maintain positive and productive working relationships between MPG and various client components

• Assist with periodic privacy assessments following OMB policies and NIST guidelines

• Conduct Privacy Threshold Analyses (PTAs) and Privacy Impact Assessments (PIAs)

• Create System of Records Notices (SORNs) for required programs and information systems

• Perform studies, technical assessments, surveys, and evaluations for detecting privacy weaknesses and deficiencies and recommend appropriate safeguards

• Perform validation testing of privacy weaknesses and deficiencies and update the documentation accordingly

• Develop privacy policies and procedures for the client

• Remain current with new developments in OMB policies and NIST guidelines

• Complete Security Authorization packages, to include system security plans, security assessment reports, POAM summaries and a continuous monitoring plan/assessment schedule, and present an executive briefing to the government client management. The work is fully completed, reviewed, checked, and edited before presenting to the government client management.

• Ensure Component system security authorization controls contain accurate implementation statements (formerly compliance descriptions) and assessment results, and that appropriate artifacts are uploaded in CSAM to support findings. Provide hands-on assistance as appropriate.

• Provide weekly summaries to the government client management (or Component management as the case may be) on accomplishments and any noteworthy items.

• Must be knowledgeable in federal privacy laws and regulations and their relationship to the Privacy Act of 1974, the E-Government Act of 2002, and the Freedom of Information Act (FOIA).

• Conduct formal Office of the Chief Information Officer system oversight review, provide feedback and document findings in CSAM. Provide hands-on assistance to Components to correct weaknesses as necessary. 

• Ensure Component system inventory is accurate for FISMA reporting. Provide hands-on assistance to Components as necessary. 


Functional Responsibilities: The Information Assurance Analyst may perform any or all of the following: oversees and manages day-to-day operation of Information Systems; optimizes system operation and resource utilization; and performs system capacity planning/analysis while maintaining the security posture. The Information Assurance Analyst performs system security analyses on client networks and systems; provides guidance, training, research, and recommendations on client networks and AIS; performs security audits, evaluations, and risk assessments of complex operational systems and facilities and provides recommendations for remediating detected vulnerabilities; and conducts security and internal control reviews of sensitive systems. In addition, the Information Assurance Analyst conducts specific technical reviews to support non-standard operational requirements and systems; designs, develops, and maintains unique security tools and techniques for conducting security assessments; provides advanced technical computer and communications security assistance; and provides expert assistance and recommendations in the field of Information Assurance and Cybersecurity. The Information Assurance Analyst also conducts security assessments, security authorizations, and evaluations of applications and systems processing sensitive or classified information; develops requirements and specifications for reviewing and approving procurement requests, major systems development activities, telecommunications and teleprocessing hardware and software, and hardware and software encryption techniques on the basis of security concerns; and assesses technology to ensure that security vulnerabilities are identified and remediated.


Qualifications

• Minimum of five (5) years of general work experience and three (3) years of relevant experience in functional responsibility.

• Minimum Education: Bachelor’s Degree

• Candidates should be well-versed in risk management and must have experience working with SDLC, and performing security tasks throughout.

• Experience and working understanding of FISMA compliance, experience conducting all phases of Certification and Accreditation (C&A) and creating documentation in accordance with NIST guidance.

• Understanding and experience with CSAM is a PLUS.

• Candidate should have strong analytical and organizational skills.

• Candidate should have concise writing skills, excellent MS Word skills as well as other MS Office Applications.

• Must be able to work independently or within a team environment.

• CISSP, CISA, CAP etc. or other certifications in the security area are highly recommended.

• A strong network engineering background and an extensive knowledge of and proficiency in information system security programs is recommended.

• Recent experience in analyzing or implementing security measures for web and client server environments and performing security analyses of various operating systems (Windows and Unix/Solaris/Linux environments) is also recommended.

• Experience with a variety of scanning tools (e.g., Foundstone, AppDetective, and Retina) is highly recommended.


Additional Information

All your information will be kept confidential according to EEO guidelines.