Cyber Security Analyst/ISSO

Job Description

ATTENTION MILITARY AFFILIATED JOB SEEKERS - Our organization works with partner companies to source qualified talent for their open roles. The following position is available to Veterans, Transitioning Military, National Guard and Reserve Members, Military Spouses, Wounded Warriors, and their Caregivers. If you have the required skill set, education requirements, and experience, please click the submit button and follow the next steps. Unless specifically stated otherwise, this role is "On-Site"

Minimum Requirement to Start: Secret
Percentage of Travel Required: Up to 10% (Local)
The proposed salary range for this position is: $66,100 - $135,600

The company is seeking a Cyber Security Analyst to join our team supporting a Department of Defense (DoD) client. If you are looking for your next career challenge with a highly skilled development team, the company would like to speak with you. In this role, you will support the DoD Risk Management Framework (RMF) process and activities to support the customer's mission and cyber security posture for a portfolio of systems (NIPR/SIPR), sponsored by a variety of DoD customers. You will be an integral part of the team specializing in cybersecurity and Authority To Operate (ATO) package management in a DoD cloud environment.

Responsibilities:

• Work collaboratively with the ISSM, stakeholders, and the team to support cybersecurity efforts (NIPR/SIPR)

• Create and manage RMF artifacts and the entire ATO lifecycle

• Conduct vulnerability assessments on technologies to verify system security and compliance and assist in remediation efforts

• Review and analyze GitHub and software vulnerability scans

• Utilize scripting and development tools to achieve cybersecurity compliance and reporting needs

• Ensure application, system, environment, or organizational changes do not have an adverse effect on the security posture of the system security compliance and assessment

• Monitor and validate vulnerability postures in Assured Compliance Assessment Solution (ACAS), and ensure all systems comply with DISA Security Technical Implementation Guidelines (STIG)s and with CSSP requirements

• Update and ensure Plan of Action and Milestones (POA&Ms) are in place for vulnerabilities that cannot be remedied at the time of the finding

Qualifications: (Please have minimum qualifications easily found on resume before submitting for position)


• Must be a U.S. Citizen with an active DoD Secret clearance (at minimum)


• Typically requires at least 2 years' experience and a B.S. in Information Technology, Information Security, or related field. Equivalent professional experience may be considered in lieu of degree.


• Experience and knowledge in DoD RMF v2.0, National Institute of Standards (NIST) directives and controls, and Authorization to Operate (ATO) processes


• Knowledge of cybersecurity concepts and tools, such as DISA STIGs, SCAP, SCC Tool


• Minimum 2 years' experience using the DoD Enterprise Mission Assurance Support Service (eMASS) as a system certification and accreditation tracking tool


• Trained in the use of the ACAS to include how to remedy Information Assurance Vulnerability Management (IAVM) findings


• Must be able to meet 8140.03 requirements (for example, Security+) or be able to obtain within 6 months of starting position


• Experience with cloud implementations (e.g. MS Azure) and environments


• Experience using vulnerability assessment tools as well as analyzing and interpreting assessment results


• Experience in initial risk assessment activities and ability to assist Authorizing Official risk determination with risk acceptance

Desired:

• Experience implementing NIST 800-53 controls

• Familiarity with any of the following: FEDRAMP, DISA APL, Reciprocity, DevSecOps, SIEM, Microsoft Defender for Cloud

• Familiarity with Continuous ATO

• Experience with container technology

• Operational knowledge of GitHub Advanced Security scanning tools, to include reviewing results of custom software security scans

• Ability to apply principles, theories, and concepts while contributing to the development of new, innovative principles and ideas

• Highly responsible, team-oriented individual with strong work ethic

• Excellent written and verbal communication skills