Cyber Security Analyst

Performs system inventory, monitoring, and analysis support for the protection of industrial control systems and provides recommendations on how to correct findings.Responsibilities of an RMF Analyst include, but are not limited to, maintenance of authorization packages, account management, security auditing, and configuration management reporting.

Principal Duties and Responsibilities (*Essential Functions):

• Develops Risk Management Framework (RMF) Certification and Accreditation documentation, standard operating procedures, policies, and security instructions for both networked and stand-alone computer systems and provides oversight and guidance for multiple systems.
• Supports the Cyber Security Program to include, but not limited to, Cyber Security policy, procedures, and regulations to assist with identifying potentialCyber Security issues.
• Inventories, monitors, evaluates, and maintains systems and procedures to safeguard information systems, networks, and databases.
• Implements, enforces, communicates, and develops security policies or plans for data, software applications, hardware, telecommunications, and information systems security education/ awareness programs.
• Establishes and satisfies system-wide information security requirements based upon the analysis of user, policy, regulatory, and resource demands.

Required Experience

• Bachelors degree in related field, or equivalent experience.Minimum of 3 related certifications may be used in place of unrelated degree field.
• Minimum of 8 years of work-related experience.
• Currently active Security+ CE certification or other equable DoD 8570 Information Assurance IAM-I level certification.
• Currently active DoD SECRET security clearance; US Citizenship required.
• Experience determining and assessing vulnerabilities including planning, testing, and documenting (DoD) accreditation packages for Information Technology (IT) systems and networks, specifically within RMF.
• Working knowledge of eMASS, ACAS, DISA STIGS, and STIG-Tools (Specifically the Application Security and Development STIG).
• Experience inventorying systems.
• Strong written and verbal communication skills.
• Must have good interpersonalskills and the ability to adapt to a dynamic customer-oriented environment.

Preferred Qualifications

• Experience applying DISA STIGS, conducting vulnerability audits, security configuration checks, and system configuration scans to meet Cyber Security requirements.
• Knowledge of Information Security and Auditing.
• Knowledge of Federal and DoD Guidance DoDI 8500.1, DoDI 8500.2, DoDI 8510.01, SP 800-57, SP 800-53, and CNSSI 1253.