NCIS Cyber Security Analyst | TS/SCI clearance

$78,200 - $105,800/Yr

Unclassified - Quantico, VA

posted 3 months ago

Full-time - Mid Level
Remote - Quantico, VA
10,001+ employees

About the position

Transform technology into opportunity as a Cyber Security Analyst with GDIT. A career in enterprise IT means connecting and enhancing the systems that matter most. At GDIT, you'll be at the forefront of innovation and play a meaningful part in improving how agencies operate. Our work depends on Cyber Security Analysts joining our IT Technology Development division within the NCIS ITD organization in Quantico, VA. The Naval Criminal Investigative Service (NCIS) is an organization of over 2,200 personnel, with 700 serving at HQ and the remaining staff serving at offices worldwide. NCIS is the Department of Navy (DON) component with primary responsibility for criminal investigation, law enforcement (LE), counter-terrorism (CT), counterintelligence (CI), and cyber matters. NCIS not only has primary responsibility for all criminal investigative, CI, CT, and cyber matters within the DON, but it also has exclusive investigative jurisdiction in non-combat matters involving actual, potential, or suspected criminal, terrorism, sabotage, espionage, and subversive activities. As a Cyber Security Analyst, you will support all authorization package ACAS related tasks assigned to ISSEs and NQVs. The goal is to provide the required artifacts in accordance with the Navy Testing Guidance and Risk Management Framework (RMF) Process Guide required for the submission of an RMF Authorization package. You will perform 90 Day Baseline Scans for each Authorization package in accordance with Navy requirements, provide Detailed Vulnerability List (DVL) Reports for use in the eMASS record, and provide ACAS Summary Reports in accordance with the Navy Testing Guidance. Additionally, you will conduct weekly and “As Needed” ACAS scans in support of RMF STEP 3/STEP 4 processes, vulnerability assessments, and queries specifically targeting authorization package assets. You will support continuous monitoring for authorized packages and report vulnerability status of all active Enterprise Security packages, creating asset lists using provided hardware lists. You will also perform risk analyses of computer systems and applications during all phases of the system development life cycle using the Assured Compliance Assessment Solution (ACAS) tool. Your responsibilities will include initiating Enterprise Mission Assurance Support Service (eMASS) registrations, preparing, processing, updating, and monitoring RMF Assessment and Authorization (A&A) packages, ensuring A&A packages are evaluated and maintained in a compliant status, and implementing and validating A&A packages to ensure security controls and vulnerabilities meet DON RMF authorization compliance requirements.

Responsibilities

  • Support all authorization package ACAS related tasks assigned to ISSEs and NQVs.
  • Perform 90 Day Baseline Scans for each Authorization package in accordance with Navy requirements.
  • Provide Detailed Vulnerability List (DVL) Reports for use in the eMASS record.
  • Provide ACAS Summary Reports in accordance with the Navy Testing Guidance.
  • Conduct weekly and 'As Needed' ACAS scans in support of RMF STEP 3/STEP 4 processes.
  • Perform vulnerability assessments and queries specifically targeting authorization package assets.
  • Support continuous monitoring for authorized packages and report vulnerability status of all active Enterprise Security packages.
  • Create asset lists using provided hardware lists.
  • Perform risk analyses of computer systems and applications during all phases of the system development life cycle using the ACAS tool.
  • Initiate Enterprise Mission Assurance Support Service (eMASS) registrations.
  • Prepare, process, update, and monitor RMF Assessment and Authorization (A&A) packages.
  • Ensure A&A packages are evaluated and maintained in a compliant status.
  • Implement and validate A&A packages to ensure security controls and vulnerabilities meet DON RMF authorization compliance requirements.

Requirements

  • Active Top Secret clearance with SCI Eligibility.
  • 5+ years of experience in the systems security discipline with specific emphasis on Navy Cybersecurity practices.
  • Must meet or exceed OPNAVINST 5239 requirements to be certified as a Navy Qualified Validator or must be certified within 6 months of start date.
  • Experience in the development of RMF Assessment and Authorization (A&A) Security Plans (SP).
  • Experience with System Level Continuous Monitoring (SLCM).
  • Experience with Ports, Protocols and Services Management (PPSM).
  • Experience with Host Based Security Systems (HBSS).
  • Experience with Assured Compliance Assessment Solution (ACAS) vulnerability scanning.
  • Experience with Enterprise Mission Assurance Support Service (eMASS) tools.
  • Experience preparing, processing, assessing, validating, and maintaining RMF A&A packages using eMASS and XACTA tools.
  • Experience with using public key-based technologies for applications.
  • Required Certifications: Security+ CE.
  • Education: BS Degree or 4 years additional experience in lieu of degree.

Nice-to-haves

  • Completed Navy RMF training
  • Formal ACAS training
  • Formal eMASS training

Benefits

  • 401K with company match
  • Comprehensive health and wellness packages
  • Internal mobility team dedicated to helping you own your career
  • Professional growth opportunities including paid education and certifications
  • Cutting-edge technology you can learn from
  • Paid vacation and holidays
  • Short and long-term disability benefits
  • Life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service