Cybersecurity Analyst / Active Secret

About The Position

Requirements

• BS/BA degree and minimum of 8 years of relevant experience, or an MS and 6 years of relevant experience. An additional 4 years of relevant experience will be considered in lieu of the bachelors degree.
• IAT II Certification (8570) and ability to achieve DOD 8140 CSWF Role Vulnerability Assessment Analyst-Intermediate when required.
• Demonstrated strong understanding and application of RMF And DISA STIG/Security framework implementation, experience with cloud implementation.
• Expert experience conducting Tenable ACAS vulnerability management and reporting using Security Center, Nessus.
• Experience with IAVM/IAVA management and reporting.
• Demonstrated understanding of DoD cybersecurity infrastructure tools including PKI, Data encryption, Microsoft MDE/Sentinel, DOD IA Tookit
• Strong technical foundation with system administration skills and experience to support independent assessments of cybersecurity risk and mitigation measures of enterprise data center systems including Virtualization, networking, Storage (SAN, NAS), Windows, Linux, Oracle and SQL database
• Experiencing operating within an SaFe Agile project structure, Enterprise ITSM solution and queue operations.
• Experience maintaining RMF-based accreditation packages.
• Experience using a certification and accreditation tool/GRC -- eMASS preferred.
• Experience with the configuration of datacenter monitoring and management solutions.
• Experience using Log Management and SIEM solutions to support cybersecurity program.
• Fundamental understanding of ITSM/ITIL processes.
• U.S. Citizenship required.
• DoD Secret Clearance/Tier 3 BI.

Nice To Haves

• ACAS and RMF certification.
• Azure or AWS Cloud Certification or training completed.
• ITIL training or certification desired.
• BMC Remedy/Helix experience.

Responsibilities

• Providing technical and authorization and accreditation support.
• Conducting vulnerability management assessments using ACAS (Tenable Nessus), Evaluate STIG, Open RMF and other tools including mitigation development and POA&M and documentation support.
• Coordinating and collaborating with operations teams to identify solutions for vulnerability mitigation and preparing cybersecurity documentation to obtain support and approval to operate.
• Preparing systems for review and independent verification and validation (self-assessments).
• Developing POA&M for identified vulnerabilities and developing remediation, mitigation and criticality downgrade strategies.
• Supporting accreditation activities for installed and in-deployment infrastructure as well as requirements in development and engineering change proposal/pipeline processes such as developing supporting documentation and completing cybersecurity compliance requirements.
• Coordinating with independent verification and validation team and program office ISSM cybersecurity support to enable overall cybersecurity program activities.
• Developing, maintaining, editing, authoring, and supporting accreditation package requirements including use of the DOD accreditation management tool eMASS.
• Developing scripting and automation and other supporting infrastructure for continuous monitoring activities.

Benefits

• Overtime
• Shift differential
• Discretionary bonus