Cyber Security Technology Management Analyst

Description

The Cyber Security Technology Management Analyst will perform audits on complex information systems, applications, and enclaves to ensure that appropriate controls exist and are correctly implemented; and that procedures comply with Federal, DOD, and DLA standards.

Duties and Responsibilities:

• Monitors Energy Applications for Industrial Control Systems (ICS), computer-controlled electro- mechanical systems that deliver installation infrastructure services including Supervisory Control and Data Acquisition (SCADA), Distributed Control System (DCS), Energy Assesses compliance with IA policy and recommends improvements as appropriate
• Monitors Information Assurance (IA) for Energy Applications to ensure compliance with Federal, DOD and DLA IA policy
• Monitors certification and accreditation activities
• Recommends preparation updating of documentation to support Federal Information Security Management Act (FISMA) and DOD Risk Management Framework (RMF) reporting requirements
• Performs technical reviews of documented security certification results
• Assesses their comprehensiveness
• Identifies system vulnerabilities and weaknesses
• Recommends human procedures, software configuration parameters, system changes, or combinations of them to mitigate the risk associated with detected vulnerabilities that could preclude accreditations
• Analyzes vulnerability scans and Security Readiness Review (SRR) results, Security Technical Implementation Guide (STIG) compliance and deficiencies of all forms identified during internal and external IA reviews
• Tracks deficiencies and vulnerabilities from identification through implementation of adequate mitigation measures
• Management Control System (EMCS), others, as applicable to specific programs

Requirements

Required Experience:

• Demonstrated experience of at least three years with the design, maintenance and operation of highly complex and high secure communications network environments
• Multi-discipline experience with Firewall/Intrusion Prevention Systems (IPS); antivirus, host-based protection; security incident event management; virtual shared computing environments; and network/security management
• Demonstrated understanding of communication protocols, network technologies and the International Organization for Standardization (ISO) Open Systems Interconnection telecommunications model
• Knowledge of Defense Information and Accreditation Risk Management Framework (RMF) and process for system and application controls
• Knowledge of DOD/DLA security policies and compliance

Minimum Requirements:

• Five (5) years of relevant experience
• Relevant certification meeting DOD 8570.01 IAM level III Note: Cybersecurity Certification is applicable to both Automated Information Systems (AIS)/IT and ICS/SCADA
• Ten years of practical industry, government and/or consulting experience in information technology management.
• IT project management experience using various Microsoft tools
• Knowledge and experience in managing information technology services and strategies.
• Proficiency in basic analytical software such as Microsoft Excel and Access, proficiency with the Microsoft Office suite, to include Word, PowerPoint and SharePoint.
• Must possess Critical sensitive IT-I security clearance (TS/SSBI)
• Experience with Enterprise Mission Assurance Support Service (eMASS)