Cybersecurity Systems Analyst - Senior Job at ClearanceJobs in Washington

divh2Cybersecurity Systems Analyst/h2pPerforms assessment and authorization coordination. Advises and assists the customer with Risk Management Framework (RMF) and develops a Plan of Action and Milestones for resolving network deficiencies in accordance with DODI 8510.01 and ICD 503. The duties of this task include assessing network compliance against controls listed in NIST 800-53 and creating AA packages. Performs assessment, compliance, and validation of IT systems to support the Cybersecurity program at USSOCOM, its Component Commands, TSOCs, and deployed forces. The Contractor shall execute a comprehensive assessment, compliance and validation of customer networks to ensure compliance with regulations and security and standards. The end goal is to ensure the integrity of customer systems by identifying and mitigating potential shortcomings and vulnerabilities. Advise USSOCOM, its Component Commands, TSOCs, and deployed forces on network and system risks, risk mitigation courses of action, and operational./ppTypical duties include:/pulliTracks AA status of SIE governed ISs. Ensures these artifacts and documentation are available in the USSOCOM-chosen automated tool./liliImplementation of cybersecurity requirements./liliProvide DoD IC RMF subject matter expertise to USSOCOM, its Component Commands, TSOCs, deployed forces and their delegates, including other Contractors, and assist with the development and execution of the RMF program at USSOCOM, its Component Commands, TSOCs, and deployed forces./liliMaintain, track, and validate DISN, cloud and DIA connection approval packages, including those from USSOCOM, its Component Commands, TSOCs, and other subordinate organizations./liliDevelop and maintain supporting documentation for new and existing networks, cloud environments, information systems and technologies as they are introduced into the SIE./liliDevelop and review the AA of SIE networks, cloud environments, systems, services, telecommunication circuits, mobile devices, portable electronic devices, hardware, and software using the DoD IC RMF to obtain an Authority to Operate (ATO), Interim Authority to Test (IATT), or Authority to Connect (ATC)./liliPerform risk and vulnerability assessments of IT and IS for authorization; prepare risk assessment reports for submission to the SCA and Authorizing Official/Designated Authorizing Official/Designated Accrediting Authority (AO/DAO/DAA) in accordance with DoD, DIA, USCYBERCOM, USSOCOM, Component Command, TSOC, and deployed forces policies, procedures, and regulations./liliAssist USSOCOM, its Component Commands, TSOCs and deployed forces with the enforcement of AA, as well as DoD, DIA, USSOCOM, Component Command, TSOC, and deployed forces connection standards for networks and systems./liliTrack and maintain AA databases, web sites and tools to ensure that networks, systems and devices are properly documented and managed from a cybersecurity perspective./liliTrack and report to higher headquarters organizations (e.g. USCYBERCOM, DIA) compliance with applicable Cybersecurity regulations and directives./liliEnsure timely notifications are made to responsible individuals and organizations in order to prevent lapses in accreditations (e.g., 30, 60, and 90 day notices)./liliDevelop and maintain an Information Security Continuous Monitoring (ISCM) Plan. This plan shall address ongoing awareness of information security, vulnerabilities, security controls, and threats to support organizational risk management decisions./liliIdentify, assess, and advise on cybersecurity control compliance and associated risks./liliCoordinate with USCYBERCOM, DoD, DIA, NSA, DISA, and subordinate organizations to support the resolution of issues with security, AA, connection approvals, and waiver requests./liliPerform network, cloud, information systems, hardware, software and device security authorization and assessments, as well as the application and execution of policy, including project management support services./liliValidate the patching of systems, perform validation scanning, develop Plans of Action Milestone (POAMs), and report as directed by applicable policies, procedures, and regulations./liliProvide subject matter expertise for COA development and the implementation of Cybersecurity mitigation strategies./liliDevelop and implement required processes, procedures, and capabilities to mitigate vulnerabilities and weaknesses for software and hardware deployment./liliIdentify, implement and validate continued effectiveness of key performance parameters and applied security measures/liliPerform analytics on cybersecurity posture and provide reports to the AO/DAO and applicable stakeholders as required per ISCM and AO/DAO direction./li/ulpKnowledge, Skills and Abilities:/pulliExperience with the US Combatant Commands (USCENTCOM/USSOCOM) is desired./liliTechnical background with system administration experience, architecture and engineering preferred/liliTechnical background in networking, identity management, Microsoft and Linux operating systems, database, and mobility/liliWorking knowledge of the RMF./liliKnowledge of the Telos Xacta or Enterprise Mission Assurance Support Services (eMASS) system is desired./liliMust have excellent communications skill (written and oral) and interpersonal skills./liliKnowledge and experience with DoD IA processes and policies (e.g., DODI 8510.01, NIST, CNSS and other cybersecurity policies, Chairman of the Joint Chiefs of Staff Manual (CJCSM) 65101.01, Incident Response and other IA policies)./liliActive TS/SCI clearance required./li/ulpExperience, Education, Certification Requirements:/pulliYears Of Experience Required: 8+ yrs/liliEducation Required: BA/BS/liliCertification Required: Current DoD 8570.01- M, IAT- Level III or IAM Level III./liliExample Certs: CISSP (or Associate), CASP+CE, CISA, CISM, CCISO, GCED, GCIH, CCSP, or GSLC/li/ul/div