Cyber Security Specialist

About The Position

Requirements

• Secret Clearance - US Citizenship required
• BS Degree or 4 years of experience in lieu of Degree
• Compliant with 8140 requirements for DWCF code: 612 - Security Control Assessor
• Excellent communication and interpersonal skills
• Knowledge of network specific DISA Security Technical Implementation Guides and checklists
• Knowledge of asset scanning
• Experience performing audits within a DoD organization
• Experience with Risk Management Framework (RMF) and vulnerability management

Nice To Haves

• Knowledge of Enterprise Mission Assurance Support Service (eMASS)
• Knowledge of Assured Compliance Assessment Solution (ACAS), and Tychon Vulnerability scanning and reporting
• Knowledge of ePolicy Orchestrator (ePO) and Continuous Monitoring and Risk Scoring (CMRS)

Responsibilities

• Responsible for the day to day operations of conducting routine IA Audits on all Information Systems (IS) to ensure the appropriate IA security controls have been applied and maintained
• Evaluate IS for compliance in accordance with Risk Management Framework (RMF) 800-53 Controls and Special Directives
• Assist with the continuous monitoring of RMF packages within eMASS (POA&Ms, Test Results, Risk Assessments, etc.)
• Record and/or prepare artifacts associated with the audit to ensure a repository for all system RMF documentation is kept current
• Provide Certification and Accreditation (C&A) support in the development of security and contingency plans by conducting risk and vulnerability assessments
• Use the 800 Series NIST Special Publications as reference for C&A, system security plans, risk assessment, and other security requirements
• Create, edit, and review organization and team level documentation for clarity and accuracy and assist with development of security related TTPs, SOPs, processes, plans, or diagrams
• Use automated security scanning tools (SCAP, ACAS, Tychon, etc.) to identify potential vulnerabilities
• Analyze and report findings to technical teams and leadership for appropriate tracking and mitigation
• Research RFIs from technical teams regarding DISA STIG checklists, and DOD/Army regulations
• Explain requirements to systems administrators in detail to ensure proper understanding and clarity
• Review proposed courses of action from technical teams and recommend the most secure option while balancing operations and/or mission requirements
• Assist in the identification, tracking and remediation of security risks discovered on information systems
• Prepare and deliver detailed written reports and oral presentations to the Security Manger, Information Assurance Manager and other senior leaders or staff within the organization
• Coordinate with both internal and external entities to improve established processes and procedures; ensuring efficient execution of all analysis, tracking, mitigation and reporting requirements
• Coordinate directly with cross functional teams and management to resolve all compliance issues
• Support and/or lead special projects as required
• Complete other duties as assigned by management

Benefits

• Employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.