Cyber Anst II

About The Position

Requirements

• HS Diploma and 7+ years of experience, or
• BA/BS Degree and 3+ years of experience, or
• MA/MS Degree and 2+ years of experience
• Experience with RMF or other cybersecurity frameworks
• The applicant must be able to report to and work at Hill Air Force Base, UT
• US Citizenship Required Pursuant to a government contract, this specific position requires US citizenship.
• The applicant must be able to obtain and maintain a Top Secret clearance. An active Top Secret clearance is preferred but not required.
• The applicant must meet DoW 8140 Basic or higher certification requirements on hire date or must obtain such within 6 months of being hired (such as CompTIA Security+).

Nice To Haves

• An active Secret clearance, and ability to obtain a Top Secret clearance
• Experience as an ISSO/ISSM
• Experience with cybersecurity, risk, and control assessments
• General understanding of computer networks, hardware, databases, applications, security components, computer operations, and operating system maintenance
• Understanding of the DoW environment and familiarity with the DoW Acquisition System
• The ability to mediate differing perspectives and develop consensus relating to cybersecurity principles and regulations
• Ability to build bridges across organizational boundaries, and the ability to communicate with technical and non-technical leaders across large, complex organizations
• An individual with high integrity, strong work ethic and initiative, and capable of building strong, trusting relationships
• Experience with Microsoft Azure
• Experience with Enterprise Mission Assurance Support Service (eMASS)
• Knowledge and experience working with the DoW's Cybersecurity processes, DIACAP and/or the Risk Management Framework (RMF)

Responsibilities

• Fulfill the Information Systems Security Officer (ISSO) responsibilities as defined in AFI 17-101 Risk Management Framework (RMF) for the Air Force Information Technology (IT), and the “DoW Program Manager’s Guidebook for Integrating the Cybersecurity Risk Management Framework (RMF) into the System Acquisition Lifecycle”
• Serve as a Cybersecurity technical advisor and point of contact to the MMIII Program Manager
• Assess and analyze threats, vulnerabilities, and risks for assigned system(s)
• Develop security impact analyses
• Review technical assessments and provide feedback
• Upload, answer, and address RMF controls in eMASS
• Perform or review Security Impact Assessments for configuration changes and facilitate approval or disapproval of changes with the appropriate stakeholders
• Support, coordinate, and continuously monitor system security posture and ensure adverse events are formally handled and reported
• Participate in various working groups and customer meetings; ensure communication of risk environment with stakeholders
• Other duties as assigned

Benefits

• Competitive wages
• Medical
• Dental
• 401k
• Paid time off
• Work/life balance
• Career development
• Tuition reimbursement
• Mentorship opportunities
• Rewards & recognition