Are you a Cyber Security Analyst with CS/IA experience? We are looking for an experienced Cyber Security Analyst to assist Program Office (PO) Stakeholders with navigating DoD and DoN CS processes.
As a Cyber Security Analyst, you will:
- Have knowledge of Committee on National Security Systems Instruction (CNSSI) 1253 and Joint Special Access Program Implementation Guide (JSIG) Risk Management Framework (RMF) requirements.
- Provide Assessment and Authorization (A&A) support services as defined in the JSIG and NIST 800-37/800-53/800-53A Risk Management Framework (RMF) publications.
- Work with a team of driven, supportive and highly skilled professionals.
- Receive a robust benefits package that includes Employee Stock Ownership Plan!
- Enjoy flexibility managing your work hours and personal needs with a single accrual leave plan.
A week in the life of a Cyber Security Analyst:
- Conduct Program Office (PO) security control assessments and technical reviews of System Integrator/developer submitted A&A documentation to ensure compliance with RMF requirements.
- Achieve successful Authorizing Official (AO) decisions in support of Authority to Operate (ATO) milestones IAW JSIG and NIST SP 800-137 Continuous Monitoring Requirements.
- Generate, review and submit A&A documentation required for submission and maintenance of DoN Security Authorization (SA) packages to include the System Security Plan (SSP), Security Control Traceability Matrix (SCTM), Plan of Action and Milestones (POA&M) report, Risk Assessment Report (RAR), Continuous Monitoring (ConMon) Plan, Contingency Plan, Incident Response Plan (IRP), Configuration Management Plan (CMP) and associated Standard Operating Procedures (SOPs).
- Implement/monitor PO ConMon strategies to ensure compliance objectives such as audit log reviews, account monitoring and CVE monitoring activities (minimally) are adhered to.
- Maintain the A&A repository to ensure that all PO CS related documentation is current and accessible to authorized individuals.
- Participate in Integrated Product Team (IPT) and Technical Interchange Meetings (TIMs) to ensure Cybersecurity requirements are implemented as part of SDLC processes.
- Conduct risk assessments, review system vulnerability scans to assess the system's CS posture; manage vulnerabilities discovered and track remediation activity to resolution or AO risk acceptance.
- Liaise with System Developers, Fleet Operators, and Acquisition Specialists to address specific CS issues that impact mission capabilities.
- Review Contract Data Requirements Lists (CDRLs) Deliverables to assess CS security impacts.
- Forbes National Best Midsize Companies
- Energage National Best Workplaces, National
- Washington Post Best Workplaces
Veteran Hiring Awards:
- U.S. Department of Labor Hire Vets Medallion
- BEST FOR VETS by Military Times
- TOP 10 MILITARY FRIENDLY COMPANY by MilitaryFriendly.com
AMERICAN SYSTEMS is committed to pay transparency for our applicants and employee-owners. The salary range for this position is $100,000 - $125,000. Actual compensation will be determined based on several factors permitted by law. AMERICAN SYSTEMS provides for the welfare of its employees and their dependents through a comprehensive benefits program by offering healthcare benefits, paid leave, retirement plans (including ESOP and 401k), insurance programs, and education and training assistance.
- Bachelor of Science degree in Cybersecurity, Information Systems Security, Information Systems, or demonstrated comparable experience with 4-6 years of relevant CS/IA experience,
- IAM or IAT DoD 8570/8140 level II certified. It can be one of the following: CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP, CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH.
- Experience with RMF and National Institute of Standards and Technology (NIST) 800-37/800-53/800-53A
- Must have current Top Secret w SCI eligibility
EOE Minorities/Women/Disabled/Veterans/Gender Identity/Sexual Orientation or EEO M/W/D/V/GI/SO.