Feditc - Tampa, FL

posted about 1 month ago

Full-time - Mid Level
Tampa, FL
Professional, Scientific, and Technical Services

About the position

FEDITC, LLC is a fast-growing business supporting the Department of Defense (DoD) and other intelligence agencies worldwide. The company develops mission-critical national security systems that directly support the Warfighter, DoD Leadership, and the country. We are proud and honored to provide these essential services. FEDITC is seeking a Cybersecurity Systems Analyst, Intermediate, to work at MacDill Air Force Base (AFB). A United States Citizenship and an active TS/SCI DoD Security Clearance are required to be considered for this position. The Cybersecurity Systems Analyst will perform assessment and authorization coordination, advising and assisting the customer with the Risk Management Framework (RMF) and developing a Plan of Action and Milestones for resolving network deficiencies in accordance with DODI 8510.01 and ICD 503. This role includes assessing network compliance against controls listed in NIST 800-53 and creating Assessment and Authorization (A&A) packages. The Cybersecurity Systems Analyst will execute comprehensive assessments, compliance checks, and validations of IT systems to support the Cybersecurity program. The primary goal is to ensure the integrity of customer systems by identifying and mitigating potential shortcomings and vulnerabilities. The analyst will advise on network and system risks, recommend risk mitigation courses of action, and provide operational support. Additionally, the analyst should be capable of performing security evaluations and vulnerability assessments using tools such as the DOD Assured Compliance Assessment Solution (ACAS), Nessus vulnerability scanning tool, and Security Content Automation Protocol tool. The role also involves liaising with network and system administrators to correct identified deficiencies, scanning for new systems and applications being introduced into the Special Operations Forces (SOF) environment, identifying issues, and drafting certification letters for the government. The Cybersecurity Systems Analyst will work closely with the Site Integration Facility (SIF) to ensure that systems and applications meet the standards outlined in the DISA Security Technical Implementation Guides (STIG). Knowledge of cyber network defense tools such as endpoint security, Security Information and Event Management (SIEM), and compliance to connect is essential.

Responsibilities

  • Tracks A&A status of SIE governed ISs.
  • Ensures artifacts and documentation are available in the USSOCOM-chosen automated tool.
  • Advises stakeholders on the adequacy of implementation of cybersecurity requirements.
  • Provides DoD & IC RMF subject matter expertise and assists with the development and execution of the RMF program.
  • Maintains, tracks, and validates DISN, cloud, and DIA connection approval packages.
  • Develops and maintains supporting documentation for new and existing networks, cloud environments, information systems, and technologies as they are introduced into the SIE.
  • Develops and reviews the A&A of SIE networks, cloud environments, systems, services, telecommunication circuits, mobile devices, portable electronic devices, hardware, and software using the DoD & IC RMF to obtain an Authority to Operate (ATO), Interim Authority to Test (IATT), or Authority to Connect (ATC).
  • Performs risk and vulnerability assessments of IT and IS for authorization; prepares risk assessment reports for submission to the SCA and Authorizing Official/Designated Accrediting Authority (AO/DAO/DAA) in accordance with DoD, DIA, USCYBERCOM, USSOCOM, Component Command, TSOC, and deployed forces policies, procedures, and regulations.
  • Assists with the enforcement of A&A, as well as DoD, DIA, USSOCOM, Component Command, TSOC, and deployed forces connection standards for networks and systems.
  • Tracks and maintains A&A databases, websites, and tools to ensure that networks, systems, and devices are properly documented and managed from a cybersecurity perspective.
  • Tracks and reports to higher headquarters organizations (e.g., USCYBERCOM, DIA) compliance with applicable Cybersecurity regulations and directives.
  • Ensures timely notifications are made to responsible individuals and organizations to prevent lapses in accreditations (e.g., 30, 60, and 90-day notices).
  • Develops and maintains an Information Security Continuous Monitoring (ISCM) Plan addressing ongoing awareness of information security, vulnerabilities, security controls, and threats to support organizational risk management decisions.
  • Identifies, assesses, and advises on cybersecurity control compliance and associated risks.
  • Coordinates with USCYBERCOM, DoD, DIA, NSA, DISA, and subordinate organizations to support the resolution of issues with security, A&A, connection approvals, and waiver requests.
  • Performs network, cloud, information systems, hardware, software, and device security authorization and assessments, as well as the application and execution of policy, including project management support services.
  • Validates the patching of systems, performs validation scanning, develops Plans of Action & Milestones (POA&Ms), and reports as directed by applicable policies, procedures, and regulations.
  • Provides subject matter expertise for COA development and the implementation of Cybersecurity mitigation strategies.
  • Develops and implements required processes, procedures, and capabilities to mitigate vulnerabilities and weaknesses for software and hardware deployment.
  • Identifies, implements, and validates continued effectiveness of key performance parameters and applied security measures.
  • Performs analytics on cybersecurity posture and provides reports to the AO/DAO and applicable stakeholders as required per ISCM and AO/DAO direction.

Requirements

  • 5+ years of progressive, relevant experience or equivalent combination of education and experience.
  • Experience with the US Combatant Commands (USCENTCOM/USSOCOM) is desired.
  • Technical background with system administration experience, architecture, and engineering preferred.
  • Technical background in networking, identity management, Microsoft and Linux operating systems, database, and mobility.
  • Working knowledge of the RMF.
  • Knowledge of the Telos Xacta or Enterprise Mission Assurance Support Services (eMASS) system is desired.
  • Excellent communication skills (written and oral) and interpersonal skills are required.
  • Knowledge and experience with DoD IA processes and policies (e.g., DODI 8510.01, NIST, CNSS and other cybersecurity policies, CJCSM 65101.01, Incident Response and other IA policies).
  • BA/BS Degree is required.
  • IAM Level II certification is required.
  • Active TS/SCI clearance is required.

Nice-to-haves

  • Experience with the Telos Xacta or Enterprise Mission Assurance Support Services (eMASS) system is desired.
  • Technical background with system administration experience, architecture, and engineering preferred.
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service