Job Title: Cyber Compliance Reporting
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: Secret
Employee Type: Regular
Percentage of Travel Required: Up to 10%
Type of Travel: Local
* * *
As a Cyber Compliance Reporting Analyst, you will be responsible for drafting and managing technical orders, tracking compliance, and analyzing cybersecurity vulnerabilities supporting the US Coast Guard. This role requires strong writing and communication skills, proficiency in Microsoft Office tools including Power BI, and a deep understanding of DoD terminology and cybersecurity frameworks such as NIST and RMF. You must possess an active DoD Secret Clearance, be DOD 8570 IAT II certified, and have experience with tools like Tenable Security Center, Tanium, and Microsoft Defender Endpoint. This position involves coordinating cyber activities with external and internal entities, reviewing proposed solutions for compliance with federal and defense regulations, and assisting in the creation of white papers for course of action analysis.
Specific Areas of Responsibility:- Solid writing and communications skills; ability to write Operational Orders, Cyber Task Orders and other tasking mechanisms related to Information Technology.
- Strong Microsoft Office skills to include Word, Excel, PowerPoint, SharePoint, including Power Bi.
- Strong knowledge of Department of Defense (DoD / DoW) terminology, acronyms and verbiage related to Cybersecurity, Information Technology and other Cyber related events.
- Track, verify and enumerate metric related to inbound and outbound TASKORDs, CTO, EXORDs and other tasking mechanisms from DoD and DHS.
- Familiarity with Plans of Action and Milestones (POA&M) for securing IT vulnerabilities, exploits and weaknesses.
- Examine datasets and use investigative techniques to determine what systems are in compliance with or deviating from the known standard.
- Filter a dataset and conduct analysis in order to provide the Customer with an explanation based on potential scenarios proposed by the Government or the Analyst
- Analyze data contained within multiple tools (e.g. Tanium, ACAS, etc.) to determine the potential attack surface of a vulnerability based on an understanding of the exploitability of the vulnerability and active and passive defenses used by the network.
- Differentiate between risk mitigation and risk remediation, the processes for each and how to manage and track both.
- Maintain datasets related to information systems and related data used by the organization.
- Understand and communicate the difference between a threat, vulnerability and a risk.
- Assist in the creation and publication of technical orders to service customers; track the compliance and status of orders through their lifecycle in an Orders Management program.
- Track and acknowledge the receipt of vulnerabilities through a Orders Management program; analyze and report the compliance of vulnerabilities on affected assets
- Disseminate IAVM/ISVM notices and track compliance as directed by USCYBERCOM or CGCYBER.
- Assist with the coordination of and implementation of the IA program with a specific emphasis on the reporting, tracking and compliance of KPIs.
- Responsible for drafting management level reports detailing vulnerabilities released, compliant, and non-compliant as well as trending information across the enterprise.
- Review proposed solutions to ensure they meet Federal and Defense information technology regulations.
- Assist in researching product information to developing white papers for course of action analysis.
- Coordinate cyber activities with both external entities (DOD, DHS, and Commercial Industry) as well as internal USCG entities.
Qualifications: Required:
- Must have active DoD Secret Clearance.
- Education: BA/BS or equivalent years of relevant experience.
- Relevant Years of Experience: 7+
- Must be DOD 8570 IAT II certified.
- Candidate must have a strong working knowledge of MS tools such as Word, Excel, PowerPoint, SharePoint, and Power Bi.
- Experience with Tenable Security Center, Tanium, Microsoft Defender Endpoint.
- A working knowledge and understanding of National Institute of Standards and Technology (NIST), Risk Management Framework (RMF), network security technologies, procedures and operational constructs.
Desired:
- 4+ years of military experience.
Pay Range:
There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.
The proposed salary range for this position is:
$86,600 - $181,800
