Cyber Security Analyst Level II

About The Position

Requirements

• Possesses and applies expertise on multiple complex work assignments. Assignments may be broad in nature, requiring originality and innovation in determining how to accomplish tasks. Operates with appreciable latitude in developing methodology and presenting solutions to problems. Contributes to deliverables and performance metrics where applicable. Experience across the following is required:
• Support of Operations Security and Remediation Team’s role providing technical advice and National Institute of Standards and Technology (NIST) based information assurance governance guidance.
• Strong Knowledge of the NIST Risk Management Framework (RMF) to perform technical support for annual Assessment and Authorization (A&A) security assessments performed by Office of the Chief Information Security Officer (OCISO).
• Strong Understanding of all the NIST RMF Assessment and Authorization (A&A) documents and how to use the following but not limited to: Privacy threshold analysis (PTA), Privacy Impact Assessment (PIA), Control Assessment Worksheet (CAW), E-Auth, FIPS 199.
• Transfer of Knowledge on managing Plans of Actions and Milestones (POA&Ms) for weakness remediation.
• Strong Knowledge of the Department of Homeland Security (DHS) and the Office of Management and Budget (OMB) memo/Binding Operational Directives (BODs) impact assessment.
• Group to develop, update, and manage, cybersecurity documentation: System Security Plans, Privacy Assessments, Contingency Plans, Federal Information Processing Standard Publication 199 (FIPS-199) categorization changes Security Impact Assessments, etc.
• Perform Technical support for Department of Homeland Security (DHS) initiatives that require implementation (such as Continuous Diagnostics and Mitigation (CDM) using Okta and Certificate Management-Privileged Access Management (CA-PAM).
• Analyze vulnerability and compliance scans for false positive identification and evaluate in terms of operational system data in coordination with Product Team Leads.
• Track and establish cause of vulnerabilities that are precise but no more than 180 days.
• Review/Update/Create system security configuration baselines – revise as necessary as the Center for Internet Security (CIS) and Security Technical Implementation Guides (STIG).
• benchmarks are updated and coordinate changes with associated OCISO Enterprise Scan Team’s compliance configurations upon three days of release.
• Support teams to define and prioritize actionable timely recommendations for addressing compliance and vulnerability issues for network, operating systems, middleware, databases, and application. With experience leading remediation of Known Exploitable Vulnerabilities (KEVs).
• Strong Understanding of the Federal Information Security Modernization Act (FISMA) systems, and National Institute of Standards and Technology (NIST) controls and support on how to implement them – potentially how to automate them whether through process, NIST OSCAL programming or other common scripting languages (e.g. Python).
• In depth knowledge with networking, operating system, and middleware builds (configuration baselines).
• In depth knowledge with CLOUD and Federal Information Security Management Act (FISMA) processes to include customer control metrics security tools and options.
• Provide support with the Regular Expression (REGEX) for understanding/editing scan signatures.
• Provide support, oversight, review, log data, network operation and security, and analysis for the following but not limited to: Scripting for Linux, Windows, Tenable, DBProtect, HP WebInspect, CSAM (the official cybersecurity repository), Juniper, CISCO, advance tools, IPv6.
• Cloud security: to manage Assessment and Authorization (A&A) work for those systems
• Use Rally to manage Epics, Features, and User Stories; provide Scrum Master services to create Rally artifacts and Agile documentation; translate Plan of Action and Milestones (POA&M) findings into clear, actionable guidance for technical leads and track remediation progress in Rally.
• Supporting USPTO Data Calls and ensuring timely and completed submission, collaborating with subject matter experts.
• Support incident response activities with Enterprise Operations Command Center.
• Support new tools as required.

Nice To Haves

• Experience with Rally and agile ceremonies.
• Python coding
• Experience using the Cybersecurity Asset Management (CSAM) system for customer base.

Responsibilities

• Developing the Project Management plans and other contract documents
• Directing the day-to-day efforts of technical personnel.
• Ensuring the quality of deliverables: cyber documentation, software, engineering and testing plans, or network installations.
• Monitors activities under the contract to ensure that all activities are executed in accordance with contract requirements and the COR’s direction.