Cyber Security Analyst / ISSO

Scientific Research-posted 2 months ago
$157,400 - $210,000/Yr
Washington, DC
1,001-5,000 employees
Professional, Scientific, and Technical Services
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

The Cyber Security Analyst / Information System Security Officer (ISSO) will be a member of a small team focusing on developing services and applications in a DevSecOps based environment in support of the Defense Intelligence Agency (DIA). Engineering will be performed on Joint Worldwide Intelligence Communications System (JWICS) and National Security Agency Network (NSANet) connected systems. As a Cyber Security Analyst/ ISSO, this position is responsible for supporting the Information System Owner to complete security assessment, continuous monitoring, and configuration management responsibilities.

  • Developing and updating assessment and authorization documentation (Body of Evidence) for management and continuous monitoring of information systems
  • Performing ongoing compliance assessments using tools, such as Assured Compliance Assessment Solution (ACAS), Secure Content Automation Protocol (SCAP), and Trellis Virus Scan Enterprise reviewing, documenting, and maintaining all results
  • Verifying patches and virus definitions to the systems using existing automated tools
  • Adhering to pre-defined configuration management and change management policies and procedures for authorizing software prior to its implementation on systems
  • Performing security audits using to track multiple events including any signs of inappropriate or unusual activity, intrusion events, data transfers, etc.
  • Performing security assessments of DoD Family of Systems in accordance with National Institute of Standards and Technology (NIST), Navy, and NAVINTEL IA guidance, working with system engineers to take corrective action to resolve identified problems
  • Becoming a NAVINTEL IA ICOP Trusted Agent within 6-months
  • Performing Site Based Security Assessments (SBSAs) of systems and recommending authorization to the Designated Authorizing Official (DAO) as a certified Trusted Agent
  • Reporting security incidents in accordance with the Command Incident Response Plan
  • Ensuring systems are operated, used, maintained, and disposed of in accordance with all applicable security policies and practices
  • Must possess an active Top Secret, SCI eligible clearance
  • Ability to obtain CI Poly clearance
  • 5 years of cybersecurity experience
  • Must currently hold a DoD 8570-compliant IAT II certification (SSCP or Security+CE with appropriate CE/OS certificate), and IAM II certification (CAP or CASP CE) or be able to obtain within six months, CE/OS certificate may include Windows or Linux
  • Experience with System Security Plans (SSPs), eMASS and/or Xacta, POA&Ms, ACAS/Nessus, SCAP, and DISA STIGs
  • Experience with Risk Management Framework processes
  • Have developed communication skills and the ability to express thoughts and ideas clearly and concisely
  • Must be a team player, dedicated to program support, capable of multitasking and working several complex and diverse tasks with simultaneous or near simultaneous deadlines
  • Be a self-starter who is accountable and requires minimal direction and supervision
  • Be open to new and innovative ideas
  • Must be able to be appointed ISSO for NCS systems within 6-months of employment
  • Bachelor's degree in relative technical discipline
  • Active TS/SCI with CI Poly
  • Extensive training or experience with Windows based Information Systems standards with a working knowledge of networking devices
  • Knowledge of Container Security and best practices securing containerized applications
  • Knowledge of configuration of various SQL databases: MS SQL, PostgreSQL, MongoDB, MariaDB, MySQL, Elasticsearch
  • Knowledge of Web Servers: Apache Web Server, Apache Tomcat, Red Hat JBOSS, nginx, MS IIS
  • Knowledge of data flows and the ability to work up readable network topology and data flow diagrams
  • Experience with NAVINTEL IA Enterprise Services (Continuous Monitoring)
  • Experience with the following systems/platforms/tools: HBSS, ACAS/Nessus, and SPLUNK
  • Medical, dental, and vision plans
  • 401(k) with a company match
  • Life insurance
  • Vacation and sick paid time off accruals starting at 10 days of vacation and 5 days of sick leave annually
  • 11 paid holidays
  • Tuition reimbursement
  • A work environment that encourages excellence
Track Jobs with Teal

Job Search Resources

AI Resume Builder
Cybersecurity Analyst Resume Examples
Cybersecurity Analyst Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service