Cybersecurity Program Analyst, Senior

Credence•Robins Air Force Base, GA

3h•Onsite

About The Position

At Credence, we support our clients’ mission-critical needs, powered by technology. We provide cutting-edge solutions, including AI/ML, enterprise modernization, and advanced intelligence capabilities, to the largest defense and health federal organizations. Through partnership and trust, we increase mission success for warfighters and secure our nation for a better future. We are privately held, are repeatedly recognized as a top place to work, and have been on the Inc. 5000 Fastest Growing Private Companies list for the last 12 years. We practice servant leadership and believe that by focusing on the success of our clients, team members, and partners, we all achieve greater success. Credence has an immediate need for a Cybersecurity Program Analyst at the senior level to support our Integrated Broadcast Service (IBS) program at Robins AFB, GA. IBS is a multi-sensor, multisource system of systems for the dissemination of integrated threat warning and blue force tracking information. The IBS PMO mission is to sustain and modernize the current operational baseline by maintaining near constant operational availability and integrating new capabilities into the IBS-Enterprise. The Cybersecurity Program Analyst will ensure that all system and application deliverables meet the requirements of all DoD and AF Cybersecurity policies. This position’s primary role is to ensure that the assigned system’s cybersecurity documents, data, requirements, and strategic planning are adequate to ensure system mission needs are met and that the system complies with all relevant Cybersecurity law, regulation, and policy.

Requirements

Active TS/SCI clearance is required.
Master’s or Doctorate degree and ten (10) years of experience in the respective technical / professional disciplines being performed, five (5) years of which must be in the DoD acquisition
Or, BA/BS degree, and twelve (12) years of experience in the respective technical/professional discipline being performed, five (5) of which must be in the DoD acquisition
Or fifteen (15) years of directly related experience with proper certifications, eight (8) of which must be in the DoD acquisition.
Experience with Defense Acquisition System processes including UCA, MTA, MCA, SW Acquisition and Acquisition of Services.
Familiarity with DoD Security Requirements Guides (SRGs) and Security Technical Implementation Guides (STIGs) is required.
In depth knowledge of DISA policy and guidance is required.
Experience with AF computer networking concepts and protocols, network security methodologies, cybersecurity principles used to manage risk, and experience identifying and mitigating system vulnerabilities is required.
Cybersecurity Qualification is required for Work Role ID 805 IT Program Auditor

Responsibilities

Collect and maintain data needed to meet system cybersecurity reporting requirements IAW cybersecurity law, regulation, and policy.
Identify gaps in cybersecurity compliance for the assigned system, create plans of action to resolve cybersecurity gaps, communicate plans to organizational leadership, execute plans to ensure cybersecurity compliance is met
Ensure security improvement action is identified, validated, and implemented as required for the assigned system; tracks cybersecurity program requirements to ensure successful implementation
Ensure that cybersecurity requirements are integrated into the continuity planning for the assigned system and organization; makes recommendations to update the cybersecurity policy for organizational efficiency
Plan, monitor, and track cybersecurity tasks to ensure successful completion
Identify alternative information security (INFOSEC) strategies to address cybersecurity tasks or requirements that are a risk to the system’s continued operation and mission success
Monitor the assigned system to ensure cybersecurity data and data sources meet cybersecurity policy requirements, and communicate status to organizational leaders
Audit cybersecurity information, data, system configuration, and other cybersecurity characteristics to ensure requirements are met, report gaps or issues to division cybersecurity leadership
Conduct import/export reviews for acquiring systems and SW
Review source code scanning reports to identify vulnerabilities and identify risks
Develop methods to monitor and measure risk, compliance, and assurance efforts; develop contingency plans, disaster recovery procedures, and other methods to mitigate and/or resolve cybersecurity risks
Identify and document the requirements necessary to ensure SW acquisition programs, contract requirements, or other product development efforts meet applicable cybersecurity law, regulation, and policy
Develop methods to ensure programs or projects meet the requirements of DoDI 8520.02, Public Key Infrastructure (PKI) and Public Key (PK) Enabling
Support the Risk Management Framework (RMF) tasks related to system/application efforts to include Assessment and Authorization efforts, system audits, and other quality checks; ensure cybersecurity RMF artifacts (documents, data, etc.) meet the requirements of cybersecurity policy
Recommend policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data
Conduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs
Participate in network and systems design to ensure implementation of appropriate systems security policies
Ensure the rigorous application of INFOSEC/cybersecurity policies, principles, and practices in the delivery of all IT services
Perform the Information System Security Engineer duties in an Information Assurance (IA) Workforce System Architecture and Engineering position as outlined in AFI 33-200, AFI 33-210 and AFMAN 33-285 for assigned systems