Cybersecurity Systems Analyst, Sr.
TJ Consulting Group · Hurlburt Field, FL · 5 days ago
Information Technology$117k–$120k/yrFull-time
About the role
The Cybersecurity Systems Analyst, Sr., is sought to work in Hurlburt Field, FL. An active TS/SCI DoD Security Clearance is mandatory.
Responsibilities
- Assesses network compliance against NIST 800-53 and creates A&A packages.
- Performs assessment, compliance, and validation of IT systems to support the Cybersecurity program.
- Advise on network and system risks, risk mitigation courses of action, and operational.
- Performs security evaluations and vulnerability assessments using ACAS, Nessus, and SCAP tools.
- Identifies applicable STIGs and performs assessments using SCAP tool.
- Liaises with network and system administrators to correct identified deficiencies.
- Scans (or reviews scans) for new systems and applications being introduced into the SOF environment, identifies issues, and drafts certification letters for the government.
- Liaises with the Site Integration Facility (SIF) to ensure systems and applications meet DISA STIG standards.
- Keeps up-to-date with cyber network defense tools such as endpoint security, SIEM, comply to connect, etc.
- Tracks A&A status of SIE governed ISs.
- Advises stakeholders on the adequacy of implementation of cybersecurity requirements.
- Provides DoD & IC RMF subject matter expertise and assists with the development and execution of the RMF program.
- Maintains, tracks, and validates DISN, cloud and DIA connection approval packages.
- Develops and maintains supporting documentation for new and existing networks, cloud environments, information systems and technologies as they are introduced into the SIE.
- Develops and reviews the A&A of SIE networks, cloud environments, systems, services, telecommunication circuits, mobile devices, portable electronic devices, hardware, and software using the DoD & IC RMF to obtain an ATO, IATT, or ATC.
- Performs risk and vulnerability assessments of IT and IS for authorization; prepares risk assessment reports for submission to the SCA and AO/DAO/DAA in accordance with DoD, DIA, USCYBERCOM, USSOCOM, Component Command, TSOC, and deployed forces’ policies, procedures, and regulations.
- Affords assistance with the enforcement of A&A, as well as connection standards for networks and systems.
- Tracks and maintains A&A databases, web sites and tools to ensure that networks, systems and devices are properly documented and managed from a cybersecurity perspective.
- Ensures timely notifications are made to responsible individuals and organizations in order to prevent lapses in accreditations (e.g., 30, 60, and 90 day notices).
- Develops and maintains an Information Security Continuous Monitoring (ISCM) Plan.
- Identifies, assesses, and advises on cybersecurity control compliance and associated risks.
- Collaborates with USCYBERCOM, DoD, DIA, NSA, DISA, and subordinate organizations to support the resolution of issues with security, A&A, connection approvals, and waiver requests.
- Performs network, cloud, information systems, hardware, software and device security authorization and assessments, as well as the application and execution of policy, including project management support services.
- Validates the patching of systems, performs validation scanning, develops POA&Ms, and reports as directed by applicable policies, procedures, and regulations.
- Provides subject matter expertise for COA development and the implementation of Cybersecurity mitigation strategies.
- Develops and implements required processes, procedures, and capabilities to mitigate vulnerabilities and weaknesses for software and hardware deployment.
- Identifies, implements, and validates continued effectiveness of key performance parameters and applied security measures.
- Performs analytics on cybersecurity posture and provides reports to the AO/DAO and applicable stakeholders as required per ISCM and AO/DAO direction.
Qualifications
- 8+ years of progressive, relevant experience or equivalent combination of education and experience.
- Experience with US Combatant Commands (USCENTCOM/USSOCOM) is desired.
- Technical background with system administration experience, architecture and engineering preferred.
- Technical background in networking, identity management, Microsoft and Linux operating systems, database, and mobility.
- Working knowledge of the RMF.
- Knowledge of the Telos Xacta or Enterprise Mission Assurance Support Services (eMASS) system is desired.
- Excellent communications skill (written and oral) and interpersonal skills.
- Knowledge and experience with DoD IA processes and policies (e.g., DODI 8510.01, NIST, CNSS and other cybersecurity policies, CJCSM 65101.01, Incident Response and other IA policies).