Amentum
Overview Join to apply for the Cybersecurity Systems Analyst - Senior role at Amentum .
The duties include performing assessment and authorization coordination, advising and assisting the customer with Risk Management Framework (RMF), and developing a Plan of Action and Milestones for resolving network deficiencies in accordance with DoD guidance. The role involves assessing network compliance against controls listed in NIST 800-53, creating A&A packages, and performing assessment, compliance, and validation of IT systems to support the Cybersecurity program at USSOCOM, its Component Commands, TSOCs, and deployed forces. The contractor shall execute comprehensive assessment, compliance, and validation of customer networks to ensure compliance with regulations and security standards, with the goal of ensuring the integrity of customer systems by identifying and mitigating potential shortcomings and vulnerabilities.
Advise USSOCOM, its Component Commands, TSOCs, and deployed forces on network and system risks, risk mitigation actions, and operational considerations.
Additionally, the Cybersecurity Systems Analyst should be able to perform security evaluations and vulnerability assessments using the DOD Assured Compliance Assessment Solution (ACAS), Nessus vulnerability scanning tool, and Security Content Automation Protocol tools. Identify applicable STIGs and perform assessments using SCAP tools. The Cybersecurity Systems Analyst will liaison with network and system administrators to correct identified deficiencies, scan (or review scans) for new systems and applications in the SOF environment, identify issues, and draft certification letters for the government. The contractor will liaise with the Site Integration Facility (SIF) to ensure systems and applications meet DISA STIG standards.
The Cybersecurity Systems Analyst should have knowledge of cyber network defense tools such as endpoint security and SIEM, and be able to relate to other related tools and processes.
Responsibilities Track A&A status of SIE governed ISs and ensure artifacts and documentation are available in USSOCOM-approved automated tools.
Perform the duties related to cybersecurity assessments, compliance, and authorization as described above.
Provide DoD & IC RMF subject matter expertise to USSOCOM, its Component Commands, TSOCs, deployed forces and their delegates, including other Contractors, and assist with the development and execution of the RMF program.
Maintain, track, and validate DISN, cloud and DIA connection approval packages across relevant commands and subordinate organizations.
Develop and maintain documentation for networks, cloud environments, information systems and technologies introduced into the SIE.
Develop and review A&A for networks, cloud environments, systems, services, and devices to obtain Authority to Operate (ATO), Interim Authority to Test (IATT), or Authority to Connect (ATC).
Perform risk and vulnerability assessments of IT/IS for authorization; prepare risk assessment reports for submission to the SCA and AO/DAO/DAA per applicable policies and regulations.
Assist with enforcement of A&A and connection standards across networks and systems.
Track and maintain A&A databases, websites, and tools to ensure proper cybersecurity documentation and management.
Report compliance with applicable cybersecurity regulations and directives to higher headquarters (e.g., USCYBERCOM, DIA).
Provide timely notifications to responsible personnel to prevent lapses in accreditations (e.g., 30/60/90 day notices).
Develop and maintain an Information Security Continuous Monitoring (ISCM) Plan addressing ongoing awareness, vulnerabilities, controls, and threats.
Identify, assess, and advise on cybersecurity control compliance and associated risks.
Coordinate with USCYBERCOM, DoD, DIA, NSA, DISA, and subordinate organizations to resolve security, A&A, connection approval, and waiver issues.
Perform network, cloud, information systems, hardware, software, and device security authorization and assessments, including policy execution and project management support.
Validate system patching, perform validation scans, develop Plans of Action & Milestones (POA&Ms), and report per applicable policies and regulations.
Provide subject matter expertise for COA development and implementation of cybersecurity mitigation strategies.
Develop and implement processes, procedures, and capabilities to mitigate vulnerabilities for software and hardware deployment.
Identify, implement, and validate continued effectiveness of key performance parameters and security measures.
Perform analytics on cybersecurity posture and provide reports to the AO/DAO and applicable stakeholders as required by ISCM and AO/DAO direction.
Knowledge, Skills and Abilities Experience with the US Combatant Commands (USCENTCOM/USSOCOM) is desired.
Technical background with system administration, architecture, and engineering experience is preferred.
Technical background in networking, identity management, Microsoft and Linux operating systems, databases, and mobility.
Working knowledge of RMF.
Knowledge of Telos Xacta or eMASS is desired.
Excellent written and verbal communication and interpersonal skills.
Knowledge and experience with DoD IA processes and policies (e.g., DODI 8510.01, NIST, CNSS, CJCSM 65101.01, Incident Response, and other IA policies).
Active TS/SCI clearance required.
Experience, Education, & Certification Requirements Years of Experience Required: 8+ yrs
Education Required: BA/BS
Certification Required: Current DoD 8570.01-M, IAT Level III or IAM Level III
Example Certifications: CISSP (or Associate), CASP+CE, CISA, CISM, CCISO, GCED, GCIH, CCSP, or GSLC
Other Information Physical Requirements: May include lifting up to 40 pounds as necessary. Work Environment may involve inside or outside work depending on the task. Travel up to 10% to support projects. Other essential functions include professional behavior, clear communication, appropriate grooming, and the ability to operate standard office equipment. When operating vehicles for work, wear seat belts and avoid cellular use while driving.
#J-18808-Ljbffr