Sign Up Sign Up Log In Sign Up

Cyber Security Analyst

Overview

Our Cyber Security team members are expected to perform System Security Authorization and related IA Continuous Monitoring tasks across multiple C3CEN owned and managed systems. In this, they will work with internal and external Cyber Security stakeholders at CGCYBERCOM, USCGHQ and DHS in maintaining continued system security compliance and sustained Authorization to Operate (ATO).

Responsibilities
  • Performing Security Assessment and Authorization (SA&A) tasks on SBU and Classified USCG Standard Workstation Image, major applications, stand-alone systems, and IT products used within the local area network (LAN) of all USCG districts up to and including the CGOne wide area network (WAN).
  • Conducting security impact assessments against proposed system changes and new IT solutions.
  • Completing initial and recurring FISMA related tasks and documentation packages to include system contingency plan reviews and test, Privacy Threshold Assessments, annual security assessments, and responding to annual FISMA related data-calls etc.
  • Performing routine and ad hoc vulnerability and STIG compliance scans in support of system security authorization and ISVM tasks. This includes root-cause analysis and assisting system engineers and sustainment agents in remediation activity planning and execution.
  • Assisting the SA&A team in the performance of technical assessment of SBU and Classified USCG Standard Workstation Images, major applications, enclaves, and standalone information systems within the USCG enterprise network.
  • Providing DOD CCRI support to USCG facilities and commands; conducting technical evaluations and assessments and performing documentation support services.
Qualifications
  • Familiarity with DHS, USCG and other Federal Cyber Security policies and guidelines. To include: DHS MD-4300A, USCG COMDTINST 5500.13, DOD 8500.1, and related Federal Information Processing Standards (FIPS) and National Institute of Technology Special Publications
  • Working knowledge of the Risk Management Framework (RMF)
  • Must have achieved IAM Level II certification level: CAP, CISSP, GSLC, CISM or CASP
  • Preferred experience in the use of the eMASS, IACS (XACTA), ACAS and HBSS security tools
  • Experience in the analysis of identified system weaknesses identified during system security assessments and the related mitigation plans as they pertain to meeting mandated system security requirements and timeframes. To include weakness POA&M and waiver creation and management
  • Working knowledge of the Open System Interconnect (OSI) model
  • Experience in the creation and of management of required Federal Information Security Management Act (FISMA) documents and deliverables
  • Must have experience using Microsoft Office Programs (Excel, Word, PowerPoint, etc.)
  • SharePoint experience is a plus
  • Working knowledge of the RMF and experience in the creation of Assessment and Authorization packages and deliverables
  • Experience in the Security Assessment Process to include performance of SME interviews and evaluation of provided artifacts in regards to mandated security control requirements.
  • Experience in the analysis of IAVM bulletins and Cyber Security TASKORDs and providing leadership details on any required actions and related timelines
  • Experience in tracking weakness mitigation/patch status and working with system stakeholders in the creation and management of mitigation Plan of Action and Milestones and associated deliverables
  • Experience in the analysis of system security and vulnerability assessment results and creation of mitigation plans as they pertain to meeting mandated system security requirements and time frames. To include weakness POA&M and waiver creation and management
  • Active Secret Security Clearance

*cj

Company Name:
Security Clearance:
DHS
Location:
Portsmouth, Virginia
Country:
United States
Salary:
Not Specified
Job Number:




Send me email alerts for similar jobs

JOIN US