Cyber Compliance Reporting

About The Position

Requirements

• Active DoD Secret Clearance.
• BA/BS or equivalent years of relevant experience.
• 7+ years of relevant experience.
• DOD 8570 IAT II certified.
• Strong working knowledge of MS tools such as Word, Excel, PowerPoint, SharePoint, and Power Bi.
• Experience with Tenable Security Center, Tanium, Microsoft Defender Endpoint.
• A working knowledge and understanding of National Institute of Standards and Technology (NIST), Risk Management Framework (RMF), network security technologies, procedures and operational constructs.
• Solid writing and communications skills.
• Familiarity with Plans of Action and Milestones (POA&M) for securing IT vulnerabilities, exploits and weaknesses.
• Understand and communicate the difference between a threat, vulnerability and a risk.

Nice To Haves

• Master’s degree.
• 4+ years of military experience.

Responsibilities

• Drafting and managing technical orders.
• Tracking compliance.
• Analyzing cybersecurity vulnerabilities.
• Coordinating cyber activities with external and internal entities.
• Reviewing proposed solutions for compliance with federal and defense regulations.
• Assisting in the creation of white papers for course of action analysis.
• Write Operational Orders, Cyber Task Orders and other tasking mechanisms related to Information Technology.
• Track, verify and enumerate metric related to inbound and outbound TASKORDs, CTO, EXORDs and other tasking mechanisms from DoD and DHS.
• Examine datasets and use investigative techniques to determine what systems are in compliance with or deviating from the known standard.
• Filter a dataset and conduct analysis in order to provide the Customer with an explanation based on potential scenarios proposed by the Government or the Analyst.
• Analyze data contained within multiple tools (e.g. Tanium, ACAS, etc.) to determine the potential attack surface of a vulnerability based on an understanding of the exploitability of the vulnerability and active and passive defenses used by the network.
• Differentiate between risk mitigation and risk remediation, the processes for each and how to manage and track both.
• Maintain datasets related to information systems and related data used by the organization.
• Assist in the creation and publication of technical orders to service customers; track the compliance and status of orders through their lifecycle in an Orders Management program.
• Track and acknowledge the receipt of vulnerabilities through a Orders Management program; analyze and report the compliance of vulnerabilities on affected assets.
• Disseminate IAVM/ISVM notices and track compliance as directed by USCYBERCOM or CGCYBER.
• Assist with the coordination of and implementation of the IA program with a specific emphasis on the reporting, tracking and compliance of KPIs.
• Responsible for drafting management level reports detailing vulnerabilities released, compliant, and non-compliant as well as trending information across the enterprise.
• Review proposed solutions to ensure they meet Federal and Defense information technology regulations.
• Assist in researching product information to developing white papers for course of action analysis.
• Coordinate cyber activities with both external entities (DOD, DHS, and Commercial Industry) as well as internal USCG entities.

Benefits

• Flexible time off
• Robust learning resources
• Competitive compensation
• Competitive benefits
• Learning and development opportunities
• Comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.