Cybersecurity Certification and Accreditation Analyst

Soft Tech Consulting - Fort Belvoir, VA

posted 4 months ago

Full-time - Mid Level
Hybrid - Fort Belvoir, VA
Professional, Scientific, and Technical Services

About the position

Soft Tech Consulting is seeking a highly motivated, self-directed individual to fill the role of Cybersecurity Certification and Accreditation Analyst. The selected individual will join a collaborative team environment where they will provide expertise and guidance for the project, including defining the project's objectives, and assist in coordinating the efforts of team members in order to deliver the project according to plan. Key to the success of this position is the successful delivery of projects and effective communication to all levels of staff for reporting project status. The role requires a strong understanding of cybersecurity policies and procedures, particularly in relation to the Department of Defense (DOD) authorization process. The analyst will serve as a Subject Matter Expert (SME) in cybersecurity, ensuring that all information systems are authorized in compliance with established policies and procedures. This position is critical in evaluating security controls and determining the severity of vulnerabilities, as well as briefing senior management on the progress of information systems undergoing the authorization process. The work schedule is hybrid, allowing for a combination of remote and on-site work at Fort Belvoir, VA.

Responsibilities

  • Serves as a cybersecurity Subject Matter Expert (SME) with regards to the authorization of information systems and all associated cybersecurity policies and procedures.
  • Fully versed in the general tenets supporting the overall DOD implementation of its authorization process, to include supporting cybersecurity policy, procedures and processes.
  • Performs a DOD cybersecurity process while either authorizing an information system or serving as a SME for an information system undergoing authorization.
  • Possess an understanding of how the security controls identified in the NIST 800-53 apply to the process of assessing and authorizing a large organization's IT infrastructure, in which there is a compilation of large and small enclaves, AIS applications and outsourced IT processes.
  • Conducts accurate evaluation of the level of security required.
  • Possess an understanding of how the security controls identified in the NIST 800-53, NIST 800-82, and Purdue Model apply to the process of validating and authorizing an OT/FRCS infrastructure/system.
  • Determines the applicable severity value for an identified vulnerability (e.g., non-compliant security control), and determines the possible ramifications on the system's current or future authorization.
  • Required to brief senior management on the progress or results of an information system undergoing the authorization process.

Requirements

  • 5 years of relevant C&A experience;
  • Risk Management Framework (RMF) and NIST C&A experience;
  • DOD cybersecurity experience
  • 3 years of experience with eMASS
  • When in 60 days of award, must have DHS ICS 301/301V or 401/401V certificates.
  • Strong knowledge of NIST 800-82 Rev 2, and Purdue Model
  • DOD Secret Clearance.
  • Must be eligible for IT II
  • Relevant certification meeting DOD 8570.01 IAM level III
  • Experience in assessing security controls and conducting authorization reviews for large, complex organizations.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service