RMF / Security Assessment (TS/SCI w/CI Poly)
C4CD-S LCAT = Information Security Analyst, Journeyman
What You'll Be Doing:- Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information.
- May ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure.
- May respond to computer security breaches and viruses.
- Ensure the rigorous application of cybersecurity policies, principles, and practices in the delivery of all Information Technology (IT) and cybersecurity services.
- Develop and design security solutions to maintain confidentiality, integrity, and availability of information throughout the enterprise.
- Identify, plan, and document improvements to security controls.
- Develop and document recommendations and courses of action (COAs) to solve complex cybersecurity problems.
- Develop and interpret cybersecurity requirements and assist in the formulation of cybersecurity/IT budgets.
- Plan and schedule the installation of new or modified security hardware, operating systems, and software applications.
- Ensure the assessment and implementation of identified computer and network environment fixes as part of the Cybersecurity Vulnerability Management program.
- Guide the implementation of appropriate operational structures and processes to ensure an effective cybersecurity program.
- Maintain the appropriate operational security posture for an information system.
- Manage the security of the information system through Certification & Accreditation (C&A).
- Support the information system owner for the completion of security related responsibilities.
- Review System Security Plans (SSP) and solutions.
- Recommend security mechanism implementations.
- Evaluate and document the effectiveness of solutions implemented to provide the "CIA Triad".
Required Skills and Qualifications:- Active TS/SCI with CI polygraph.
- Minimum of a Bachelor's Degree in a technical or business discipline from an accredited college or university in Computer Science, Cybersecurity, Computer Engineering, or related discipline.
- Active DoD 8570 IAM Level II Security Certification (CGRC, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO, HCISPP)
- Minimum 5 years related experience.
- Must know Risk Management Framework (RMF).
Preferred/Desired Skills:
- Experience with DoD Cybersecurity Policies.
- Experience with Xacta Solutions (Xacta 360).
- Knowledge of Enterprise Mission Assurance Support Service (eMASS).
- Exposure to AWS (Amazon Web Services), ACAS (Security scanning software), vCenter, WSUS (Windows Server Update Service), and/or STIGs/IAVA.
- A problem solver who can get in, be given a project, and use engineering skills to determine a solution.
- Able to build systems from the ground up - network architecture/systems engineering.
Location: Columbia, MD (Customer Site - CANX)