Cyber Security Specialist

About The Position

Requirements

• 2 years with BS/BA, 0 years with MS/MA, 6 years no degree
• Ability to obtain/maintain Secret Clearance - US Citizenship required
• Compliant with 8140 requirements for DWCF code: 612 - Security Control Assessor
• Excellent communication and interpersonal skills
• Knowledge of network specific DISA Security Technical Implementation Guides and checklists
• Knowledge of asset scanning
• Experience performing audits within a DoD organization
• Experience with Risk Management Framework (RMF) and vulnerability management

Nice To Haves

• Knowledge of Enterprise Mission Assurance Support Service (eMASS)
• Knowledge of Assured Compliance Assessment Solution (ACAS), and Tychon Vulnerability scanning and reporting
• Knowledge of ePolicy Orchestrator (ePO) and Continuous Monitoring and Risk Scoring (CMRS)

Responsibilities

• Conduct routine IA Audits on all Information Systems (IS) to ensure the appropriate IA security controls have been applied and maintained.
• Evaluate IS for compliance in accordance with Risk Management Framework (RMF) 800-53 Controls and Special Directives.
• Assist with the continuous monitoring of RMF packages within eMASS (POA&Ms, Test Results, Risk Assessments, etc.).
• Record and/or prepare artifacts associated with the audit to ensure a repository for all system RMF documentation is kept current.
• Provide Certification and Accreditation (C&A) support in the development of security and contingency plans by conducting risk and vulnerability assessments.
• Use the 800 Series NIST Special Publications as reference for C&A, system security plans, risk assessment, and other security requirements.
• Create, edit, and review organization and team level documentation for clarity and accuracy and assist with development of security related TTPs, SOPs, processes, plans, or diagrams.
• Use automated security scanning tools (SCAP, ACAS, Tychon, etc.) to identify potential vulnerabilities.
• Analyze and report findings to technical teams and leadership for appropriate tracking and mitigation.
• Research RFIs from technical teams regarding DISA STIG checklists, and DOD/Army regulations.
• Explain requirements to systems administrators in detail to ensure proper understanding and clarity.
• Review proposed courses of action from technical teams and recommend the most secure option while balancing operations and/or mission requirements.
• Assist in the identification, tracking and remediation of security risks discovered on information systems.
• Prepare and deliver detailed written reports and oral presentations to the Security Manger, Information Assurance Manager and other senior leaders or staff within the organization.
• Coordinate with both internal and external entities to improve established processes and procedures; ensuring efficient execution of all analysis, tracking, mitigation and reporting requirements.
• Coordinate directly with cross functional teams and management to resolve all compliance issues.
• Support and/or lead special projects as required.
• Complete other duties as assigned by management.

Benefits

• Overtime
• Shift differential
• Discretionary bonus