Cybersecurity Analyst

About The Position

Requirements

• Active DoD SECRET clearance.
• High School Diploma and 2-5 years of experience in IT/RMF/GRC; Associates degree equivalent to 2 years experience, bachelor's degree equivalent to 4 years experience; master's degree equivalent to 6 years experience.
• Meets DoD 8140 Cybersecurity Analyst Mid-Level Education, Training or Certification qualifications (CySA, Sec+, etc.).
• Reports to designated work location in Colorado Springs up to full time, based on the needs of the customer.

Nice To Haves

• Top Secret clearance with SCI eligibility.
• Experience with ITIPS.
• Experience with eMASS.
• Experience with FISMA.
• Experience with IASE.
• Experience with Xacta.

Responsibilities

• Support the United States Space Force (USSF) in the development, deployment, maintenance and sustainment of space systems.
• Work in close collaboration with the Information Systems Security Manager (ISSM) and Information Systems Owner (ISO) to ensure security posture is met and maintained.
• Develop security policies, procedures, plans, and all other evidence of compliance with various security controls.
• Create and maintain RMF documentation including eMASS and ITIPS database entries with System Security Plans (SSP), Security Assessment Reports (SAR), Plans of Action & Milestones (POA&M), and other artifacts tied to NIST processes.
• Build, maintain, and track system's cybersecurity baselines via eMASS or equivalent.
• Review, assess, create, and update enclave documentation in eMASS for ISSM review and approval.
• Identify, collect, review, and maintain RMF required artifacts.
• Ensure accurate system documentation and configuration logs are maintained.
• Provide written evaluations portraying system progress on RMF compliance.
• Maintain cybersecurity data for systems registered in ITIPS.
• Conduct and/or report annual FISMA security reviews and validate cybersecurity control compliance.
• Conduct annual control validations (ACVs) for all NC3 systems.
• Create and maintain mission common control packages.
• Create and maintain Authority-to-Connect (ATC) guest system packages in eMASS.
• Ensure required Cybersecurity functional activities are conducted during the systems' O&S phase.
• Participate in system's IPTs and sustainment contractor meetings to ensure alignment of cybersecurity requirements.
• Evaluate system's sources of changes and determine security impacts.
• Review and provide inputs to modification packages and program/system documents.
• Review system's test plans and test results for security control implementation.
• Document all findings and perform security impact analysis on system changes.
• Monitor and adhere to the system's A&A schedule deadlines.
• Review annually and provide recommended updates to program cybersecurity policies and plans.
• Review and provide advice on RMF related memorandums for compliance.
• Assist with the cybersecurity vulnerability management plan and risk assessment capability.
• Receive and review ACAS and SCC reports from the sustainment contractor and characterize risk.

Benefits

• Competitive base pay and variable compensation opportunities.
• Health insurance.
• Flexible spending accounts.
• Health savings accounts.
• Retirement savings plans.
• Life and disability insurance programs.
• Programs for both paid and unpaid time away from work.