JMSC-IP Information Technology (IT) and Cyber Risk Auditor Associate – TS/SCI Required

About The Position

Requirements

• BS/BA in Cyber Security, Information Security or Computer Science or a related technical discipline, or the equivalent combination of education, technical training, or work experience
• 0 years of related experience
• Military and MTC experience preferred
• Competent with eMASS
• Solid knowledge of the SCA-V process and inspection program
• Understanding of NIST, DoD, & Army Cybersecurity & Risk Management Framework policies, directives, instructions, manuals, and best business practices
• SEC+ is required.
• TS/SCI Clearance Required

Nice To Haves

• SecurityX (CASP+) and CySA are preferred
• Knowledge of current industry methods for evaluating, implementing, and disseminating IT security assessment, monitoring, detection and remediation tools and procedures utilizing standards-based concepts and capabilities
• Basic understanding of disaster recovery continuity of operations plans
• Basic understanding of enterprise incident response program, roles, and responsibilities
• Knowledge of network security architecture concepts
• Knowledge of server administration and systems engineering theories, concepts, and methods
• Experience with VMWare environments
• Experience with vulnerability assessment tools

Responsibilities

• Support RMF-based cybersecurity risk management for training enclaves and exercise networks in accordance with Department of Defense and U.S. Army policies, vulnerability management, POA&M tracking, and continuous monitoring.
• Assist with implementation and documentation of RMF in accordance with Department of Defense and U.S. Army policies, control implementation and assessment support.
• Maintain and update RMF artifacts in Enterprise Mission Assurance Support Service (eMASS) to ensure compliance with Department of Defense cybersecurity requirements and support Authorization to Operate (ATO) processes.
• Update and document Security Technical Implementation Guide (STIG) compliance in response to vulnerabilities identified during assessments, audits, and inspections, ensuring alignment with Defense Information Systems Agency and Department of Defense cybersecurity standards.
• Ensure cybersecurity compliance with Department of Defense directives (DoD 8140, 8570.01-M), U.S. Army regulation AR 25-2, and NIST SP 800-53 / NIST SP 800-39, while incorporating guidance from U.S. Army Pacific CSPMO, U.S. Army Network Enterprise Technology Command, and United States Cyber Command
• Support the preparation of RMF artifacts, trackers, and supporting documentation required for Security Control Assessment Validation (SCA-V) activities to maintain the U.S. Army Pacific Type ATO.
• Assist with audits, vulnerability assessments, and cybersecurity inspections, documenting findings and supporting remediation in accordance with Department of Defense and U.S. Army cybersecurity policies.
• Perform other cybersecurity duties as required to support RMF compliance, continuous monitoring, and mission assurance in alignment with Department of Defense and U.S. Army standards.

Benefits

• 401K with company match
• full flex work weeks where possible
• variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave
• short and long-term disability benefits
• life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance