ClearanceJobs
Senior Cyber Security Analyst (RMF/ISSO) in Pearl City, Hawaii
Senior Cyber Security Analyst (RMF/ISSO) in Pearl City, Hawaii to support the US INDOPACOM J73 documenting security controls and creating Authority to Operate (ATO) packages. Documenting security controls in SSP per NIST SP 800-53A rev5 Create Authority to Operate (ATO) packages Validate vulnerability/risk assessment analysis to support accreditation Utilize various information system inspection tools to audit systems, analyze potential vulnerabilities and identify mitigation approaches Conduct technical evaluation of information system designs, focusing on information security aspects and accreditation Review completion and implementation of system additions and enhancements, and makes recommendations to management Determine system specifications, input/output processes, and working parameters for hardware and software compatibility Assist and review program documentation to include RMF reports, accreditation packages, and security policy guides using NIST 800-53A guidance Qualifications - External REQUIRED EDUCATION AND EXPERIENCE: Bachelors and five (5)+ years of related experience; additional four (4) years of experience accepted in lieu of degree Experience working with Authority to Operate (ATO) packages for both on-premises, and Cloud environments Experience using Government, Risk Compliance (GRC) tools (i.e. Cyber Security Assessment and Management (CSAM), eMASS, XACTA, etc.) Experience developing Standard Operating Procedures (SOP), After-Action Reports, and Policy and Procedure documents Experience documenting security controls in a System Security Plan (SSP) and how the controls are being implemented Strong working knowledge of Risk Management Framework (RMF), Cloud Security Requirements Guide (SRG), National Institute of Standards and Technology (NIST) guides, and Security Technical Implementation Guide (STIG) Understanding of the DOD requirements for the Network Topology, System Security Boundary, and Data Flow Diagrams REQUIRED CERTIFICATION: Must have a current DoD IAM Level I or higher certification (i.e. Security+ CE, Cloud+, CASP+, OR CISSP etc.) REQUIRED CLEARANCE: Must have a current Active Secret Clearance with the ability to obtain a TSSCI Clearance Must be a current US Citizen
Senior Cyber Security Analyst (RMF/ISSO) in Pearl City, Hawaii to support the US INDOPACOM J73 documenting security controls and creating Authority to Operate (ATO) packages. Documenting security controls in SSP per NIST SP 800-53A rev5 Create Authority to Operate (ATO) packages Validate vulnerability/risk assessment analysis to support accreditation Utilize various information system inspection tools to audit systems, analyze potential vulnerabilities and identify mitigation approaches Conduct technical evaluation of information system designs, focusing on information security aspects and accreditation Review completion and implementation of system additions and enhancements, and makes recommendations to management Determine system specifications, input/output processes, and working parameters for hardware and software compatibility Assist and review program documentation to include RMF reports, accreditation packages, and security policy guides using NIST 800-53A guidance Qualifications - External REQUIRED EDUCATION AND EXPERIENCE: Bachelors and five (5)+ years of related experience; additional four (4) years of experience accepted in lieu of degree Experience working with Authority to Operate (ATO) packages for both on-premises, and Cloud environments Experience using Government, Risk Compliance (GRC) tools (i.e. Cyber Security Assessment and Management (CSAM), eMASS, XACTA, etc.) Experience developing Standard Operating Procedures (SOP), After-Action Reports, and Policy and Procedure documents Experience documenting security controls in a System Security Plan (SSP) and how the controls are being implemented Strong working knowledge of Risk Management Framework (RMF), Cloud Security Requirements Guide (SRG), National Institute of Standards and Technology (NIST) guides, and Security Technical Implementation Guide (STIG) Understanding of the DOD requirements for the Network Topology, System Security Boundary, and Data Flow Diagrams REQUIRED CERTIFICATION: Must have a current DoD IAM Level I or higher certification (i.e. Security+ CE, Cloud+, CASP+, OR CISSP etc.) REQUIRED CLEARANCE: Must have a current Active Secret Clearance with the ability to obtain a TSSCI Clearance Must be a current US Citizen