Organization: Accenture Federal Services
Location: San Antonio, TX
Accenture Federal Services, a wholly owned subsidiary of Accenture LLP, is a U.S. company with offices in Arlington, Virginia. Accenture's federal business has served every cabinet-level department and 30 of the largest federal organizations. Accenture Federal Services transforms bold ideas into breakthrough outcomes for clients at defense, intelligence, public safety, civilian and military health organizations.
We believe that great outcomes are everything. It’s what drives us to turn bold ideas into breakthrough solutions. By combining digital technologies with what works across the world’s leading businesses, we use agile approaches to help clients solve their toughest problems fast—the first time. So, you can deliver what matters most.
Count on us to help you embrace new ways of working, building for change and put customers at the core. A wholly owned subsidiary of Accenture, we bring over 30 years of experience serving the federal government, including every cabinet-level department. Our 7,200 dedicated colleagues and change makers work with our clients at the heart of the nation’s priorities in defense, intel, public safety, health and civilian to help you make a difference for the people you employ, serve and protect.
The San Antonio Delivery Center is part of the Accenture's US Delivery Center organization, which is comprised of six delivery centers that create client value through innovative technology solutions primarily focused in Application Outsourcing, ERP solutions, Information Management Services, and Net Centric solutions.
Our San Antonio Delivery Center employees can expect to:
- work with cutting edge technology
- deliver high-quality solutions across multiple industries
- work on a variety of projects ranging in both size and scope
- receive continuous training and career development
The A&A/RMF Information Assurance Analyst will serve as the Cybersecurity Subject Matter Expert (SME) with regards to Assessment & Authorization and FISCAM compliance of information systems and all associated cybersecurity policies and procedures. Fully versed in the general tenets supporting the overall Federal Government implementation of its authorization process, to include supporting cybersecurity policy, procedures and processes. Leads Federal Government cybersecurity processes while either authorizing an information system or serving as a SME for an information system undergoing authorization. Possess an understanding of how the security controls identified in the NIST 800-53 apply to the process of assessing and authorizing large organization IT infrastructure and cloud technologies, in which there is a compilation of large and small enclaves, AIS applications and outsourced IT processes. Determines the applicable severity value for an identified vulnerability (e.g., non-compliant security control), and determines the possible ramifications on the system’s current or future authorization. Required to brief senior management on the progress or results of an information system undergoing the authorization process.
Assists with defining security objectives and system-level performance requirements.
Configures and validates secure systems, tests security products/systems to detect computer and information security weaknesses.
Coordinates the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports.
Coordinates the periodic review of each system’s &A package and monitors corrective actions until all actions are closed.
Supports the development of integrated system solutions ensuring proprietary/confidential data and systems are protected.
Guides the establishment of strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems.
Understands FISCAM methodology for performing information systems control audits
Applies top-down, risk-based approach assessments considering materiality and significance in determining effective and efficient audit procedures tailored to achieve the audit objectives
Identifies and evaluates complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement