Cyber Compliance Reporting

About The Position

Requirements

• Active DoD Secret Clearance.
• BA/BS or equivalent years of relevant experience.
• 7 + years of relevant experience.
• DOD 8570 IAT II certified.
• Strong working knowledge of MS tools such as Word, Excel, PowerPoint, SharePoint, and Power Bi.
• Experience with Tenable Security Center, Tanium, Microsoft Defender Endpoint.
• A working knowledge and understanding of National Institute of Standards and Technology (NIST), Risk Management Framework (RMF), network security technologies, procedures and operational constructs.
• Solid writing and communications skills.
• Strong Microsoft Office skills to include Word, Excel, PowerPoint, SharePoint, including Power Bi.
• Strong knowledge of Department of Defense (DoD / DoW) terminology, acronyms and verbiage related to Cybersecurity, Information Technology and other Cyber related events.
• Familiarity with Plans of Action and Milestones (POA&M) for securing IT vulnerabilities, exploits and weaknesses.
• Understand and communicate the difference between a threat, vulnerability and a risk.

Nice To Haves

• Master’s degree.
• 4+ years of military experience.

Responsibilities

• Drafting and managing technical orders.
• Tracking compliance.
• Analyzing cybersecurity vulnerabilities.
• Coordinating cyber activities with external and internal entities.
• Reviewing proposed solutions for compliance with federal and defense regulations.
• Assisting in the creation of white papers for course of action analysis.
• Write Operational Orders, Cyber Task Orders and other tasking mechanisms related to Information Technology.
• Track, verify and enumerate metrics related to inbound and outbound TASKORDs, CTO, EXORDs and other tasking mechanisms from DoD and DHS.
• Examine datasets and use investigative techniques to determine what systems are in compliance with or deviating from the known standard.
• Filter a dataset and conduct analysis in order to provide the Customer with an explanation based on potential scenarios proposed by the Government or the Analyst.
• Analyze data contained within multiple tools (e.g. Tanium, ACAS, etc.) to determine the potential attack surface of a vulnerability based on an understanding of the exploitability of the vulnerability and active and passive defenses used by the network.
• Differentiate between risk mitigation and risk remediation, the processes for each and how to manage and track both.
• Maintain datasets related to information systems and related data used by the organization.
• Assist in the creation and publication of technical orders to service customers; track the compliance and status of orders through their lifecycle in an Orders Management program.
• Track and acknowledge the receipt of vulnerabilities through a Orders Management program; analyze and report the compliance of vulnerabilities on affected assets.
• Disseminate IAVM/ISVM notices and track compliance as directed by USCYBERCOM or CGCYBER.
• Assist with the coordination of and implementation of the IA program with a specific emphasis on the reporting, tracking and compliance of KPIs.
• Drafting management level reports detailing vulnerabilities released, compliant, and non-compliant as well as trending information across the enterprise.
• Review proposed solutions to ensure they meet Federal and Defense information technology regulations.
• Assist in researching product information to developing white papers for course of action analysis.
• Coordinate cyber activities with both external entities (DOD, DHS, and Commercial Industry) as well as internal USCG entities.

Benefits

• Flexible time off
• Robust learning resources
• Healthcare
• Wellness
• Financial
• Retirement
• Family support
• Continuing education