Cybersecurity Systems Analyst, Associate

$60,000 - $70,000/Yr

Feditc - Coronado, CA

posted 3 months ago

Full-time - Entry Level
Coronado, CA
Professional, Scientific, and Technical Services

About the position

FEDITC, LLC is seeking a Cybersecurity Systems Analyst, Associate to work in Coronado, CA. This position requires a United States Citizenship and an active TS/SCI DoD Security Clearance. The Cybersecurity Systems Analyst will perform assessment and authorization coordination, advising and assisting customers with the Risk Management Framework (RMF) and developing a Plan of Action and Milestones for resolving network deficiencies in accordance with DODI 8510.01 and ICD 503. The role involves assessing network compliance against controls listed in NIST 800-53 and creating Assessment and Authorization (A&A) packages. The analyst will execute comprehensive assessments, compliance checks, and validations of IT systems to support the Cybersecurity program, ensuring the integrity of customer systems by identifying and mitigating potential shortcomings and vulnerabilities. The Cybersecurity Systems Analyst will also perform security evaluations and vulnerability assessments using tools such as the DOD Assured Compliance Assessment Solution (ACAS), Nessus vulnerability scanning tool, and Security Content Automation Protocol tool. The role requires identifying applicable Security Technical Implementation Guides (STIGs) and performing assessments using the Security Content Automation Protocol tool. The analyst will liaise with network and system administrators to correct identified deficiencies and will scan or review scans for new systems and applications being introduced into the Special Operations Forces (SOF) environment, identifying issues and drafting certification letters for the government. Additionally, the analyst will work with the Site Integration Facility (SIF) to ensure systems and applications meet the standards in the DISA STIG. The position demands knowledge of cyber network defense tools such as endpoint security, Security Information and Event Management (SIEM), and compliance to connect. The Cybersecurity Systems Analyst will track A&A status of SIE governed Information Systems (ISs), ensuring documentation is available in the USSOCOM-chosen automated tool. The analyst will provide subject matter expertise in DoD and Intelligence Community (IC) RMF, assist with the development and execution of the RMF program, and maintain, track, and validate DISN, cloud, and DIA connection approval packages. The role also includes developing and maintaining supporting documentation for new and existing networks, cloud environments, information systems, and technologies as they are introduced into the SIE.

Responsibilities

  • Tracks A&A status of SIE governed ISs.
  • Ensures artifacts and documentation are available in the USSOCOM-chosen automated tool.
  • Advises stakeholders on the adequacy of implementation of cybersecurity requirements.
  • Provides DoD & IC RMF subject matter expertise, and assists with the development and execution of the RMF program.
  • Maintains, tracks, and validates DISN, cloud and DIA connection approval packages.
  • Develops and maintains supporting documentation for new and existing networks, cloud environments, information systems and technologies as they are introduced into the SIE.
  • Develops and reviews the A&A of SIE networks, cloud environments, systems, services, telecommunication circuits, mobile devices, portable electronic devices, hardware, and software using the DoD & IC RMF to obtain an Authority to Operate (ATO), Interim Authority to Test (IATT), or Authority to Connect (ATC).
  • Performs risk and vulnerability assessments of IT and IS for authorization; prepares risk assessment reports for submission to the SCA and Authorizing Official/Designated Accrediting Authority (AO/DAO/DAA) in accordance with policies, procedures, and regulations.
  • Assists with the enforcement of A&A, as well as DoD, DIA, USSOCOM, Component Command, TSOC, and deployed forces' connection standards for networks and systems.
  • Tracks and maintains A&A databases, web sites and tools to ensure that networks, systems and devices are properly documented and managed from a cybersecurity perspective.
  • Tracks and reports to higher headquarters organizations (e.g. USCYBERCOM, DIA) compliance with applicable Cybersecurity regulations and directives.
  • Ensures timely notifications are made to responsible individuals and organizations to prevent lapses in accreditations (e.g., 30, 60, and 90 day notices).
  • Develops and maintains an Information Security Continuous Monitoring (ISCM) Plan addressing ongoing awareness of information security, vulnerabilities, security controls, and threats to support organizational risk management decisions.
  • Identifies, assesses, and advises on cybersecurity control compliance and associated risks.
  • Coordinates with USCYBERCOM, DoD, DIA, NSA, DISA, and subordinate organizations to support the resolution of issues with security, A&A, connection approvals, and waiver requests.
  • Performs network, cloud, information systems, hardware, software and device security authorization and assessments, as well as the application and execution of policy, including project management support services.
  • Validates the patching of systems, performs validation scanning, develops Plans of Action & Milestone (POA&Ms), and reports as directed by applicable policies, procedures, and regulations.
  • Provides subject matter expertise for COA development and the implementation of Cybersecurity mitigation strategies.
  • Develops and implements required processes, procedures, and capabilities to mitigate vulnerabilities and weaknesses for software and hardware deployment.
  • Identifies, implements and validates continued effectiveness of key performance parameters and applied security measures.
  • Performs analytics on cybersecurity posture and provides reports to the AO/DAO and applicable stakeholders as required per ISCM and AO/DAO direction.

Requirements

  • 3+ years of progressive, relevant experience or equivalent combination of education and experience.
  • Experience with the US Combatant Commands (USCENTCOM/USSOCOM) is desired.
  • Technical background with system administration experience, architecture and engineering preferred.
  • Technical background in networking, identity management, Microsoft and Linux operating systems, database, and mobility.
  • Working knowledge of the RMF.
  • Knowledge of the Telos Xacta or Enterprise Mission Assurance Support Services (eMASS) system is desired.
  • Excellent communication skills (written and oral) and interpersonal skills.
  • Knowledge and experience with DoD IA processes and policies (e.g., DODI 8510.01, NIST, CNSS and other cybersecurity policies, CJCSM 65101.01, Incident Response and other IA policies).
  • BA/BS Degree.
  • IAT Level II certification.

Nice-to-haves

  • Experience with DoD IA processes and policies.
  • Knowledge of cyber network defense tools such as endpoint security and SIEM.

Benefits

  • Competitive salary between $60,000 - $70,000 a year.
  • Full-time employment with opportunities for career advancement.
  • Support for ongoing education and skill development.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service