Information Security Analyst - Senior (Mon - Fri)

The One 23 Group

$90K — $120K *
Aerospace & Defense
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree or HS/GED with 5 years of experience in a Windows Computing Environment
  • DoD 8140 certification (e.g., CEH, CYSA+, CISSP) is required
  • Computing Environment Certification (ACASS or EMASS) to be obtained within six months of hire
  • ITIL Training Course (ITIL v4 recommended) to be obtained after hire
  • Experience with Risk Management Framework (RMF) and security assessments

Responsibilities

  • Protect and defend DeCA by collaborating with Security Managers and Officers
  • Develop and assist in implementing Plan(s) of Action and Milestones (POA&M)
  • Manage long-term vulnerability management strategies
  • Assist in the patching of software vulnerabilities
  • Report on established vulnerability baselines

Benefits

  • Opportunities for professional development and training
  • Support for obtaining additional certifications such as ACASS
  • Exposure to high-level cybersecurity frameworks and standards
  • Collaboration within a defense-focused security team
  • Engagement in impactful cybersecurity initiatives within the DoD
Full Job Description
The Defense Commissary Agency (DeCA) is responsible to Joint Force Headquarters, Department of Defense Information Network (JFHQ-DoDIN) and United States Cyber Command (USCYBERCOM) for the ongoing efforts to secure, operate and defend the Department of Defense Information Network (DoDIN) as a Tier-1 DoDIN Area of Operations (DAO). DeCA is also responsible for upholding other requirements including but not limited to those set by the Federal Information Security Management Act (FISMA), the Payment Card Industry Data Security Standard (PCI-DSS), and the National Institute of Standards and Technology Risk Management Framework (RMF) in order to continue operations. The requirements of this position will be to provide risk management, long-term vulnerability management, and general cybersecurity support.

Requirements

Primary Responsibilities
• Protect and defend DeCA by working with DeCA's Information Systems Security Managers (ISSM) and Information Systems Security Officers (ISSO), and others to secure the Desktop Common Operating Environment (DCOE) in accordance with National Institute of Standards and Technology Risk Management Framework, Department of Defense, and DeCA doctrine
• Assist in the development of Plan(s) of Action and Milestones (POA&M, or POAM) and Risk Acceptance
• Vulnerability Management

Secondary Responsibilities
• Assist in managing vulnerability patching
• Reporting of vulnerability baselines

Knowledge/Experience must include
• Customer Service/Support
• Risk Management Framework (RMF)
• RMF Security Controls
• Information Assurance Vulnerability Management (IAVM)
• Assured Compliance Assessment Solution (ACAS)
• Enterprise Mission Assurance Support Service (eMASS)
• System Security Plans (SSPs)
• Authority to Operate (ATOs)
• Plan of Action & Milestones (POA&Ms)
• Designating Approving Authority Risk Acceptance (DRAs)
• Security Content Automation Protocol (SCAP)
• Security Compliance Checker (SCC)
• Public Key Infrastructure (PKI)
• Security Technical Implementation Guides (STIGs)
• McAfee Endpoint Security Solutions (ESS-)
• National Institute of Standards and Technology (NIST)
• Ticketing System Experience (e.g. BMC Remedy/ServiceNow/SolarWinds/Ivanti)
• Excellent Oral/Written Communication
• Federal Risk and Authorization Management Program (FedRAMP)

Qualifications
• Bachelor's degree or HS/GED + 5 yrs in Windows Computing Environment
• Baseline Certification (required): DoD 8140 certification from CSSP Infrastructure Support or CSSP Auditor category (CEH, CYSA+, GICSP, SSCP, CHFI, CFR, Cloud+, CND, CISA, GSNA, CFR, PenTest+), CISM or CISSP
• Computing Environment Certification (ACASS or EMASS) - can be obtained within six months of hire
• ITIL Training Course (ITIL v4 recommended) - can be obtained after hire

Similar Jobs

More Jobs at The One 23 Group

More Aerospace & Defense Jobs

Find similar Information Security Analyst - Senior (Mon - Fri) jobs: