Cybersecurity Specialist

Description

Position title : Cybersecurity Specialist

Location : Coronado, CA

Clearance level required : Top Secret/SCI

Responsibilities include (but are not limited to):

• Assist with performing risk and vulnerability assessments, compliance, and validation of IT systems to manage risk, control access, continuous monitoring and incident response, training and awareness, and ensure compliance with governance and policies in support of the Cybersecurity program.
• Provide inputs to cybersecurity reports, System Access Authorization Requests (SAAR), Standard Operating Procedures (SOP), Plan of Action and Milestones (POAM), and course of action (COA) development and the implementation of Cybersecurity mitigation strategies.
• Assist with Risk Management Framework (RMF) packages for the Assessment and Authorization (A&A) of existing systems and emerging technology.
• Provide inputs to RMF body of evidence (BoE) artifacts, to include but not limited to: Information Management Tool (IMT) RMF discovery checklist IMT-55, RMF supplemental checklist, hardware and software lists, system interface (ports and protocols), DoD Architectural Framework (DoDAF) and/or Defense Information Systems Network (DISN) architecture drawings and diagrams (topology, data flow, accreditation boundary, rack/room/equipment layout), Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIG)/ Security Requirements Guide (SRG) check Files using the DISA STIG viewer tool, Security Content Automation Protocol (SCAP) files, scans, Concept of Operations (CONOPS), User Access Policies, Continuity of Operations (COOP), Privacy Impact Assessment (PIA), Interconnect Security Agreements (ISA), and POAMs. Ensure BoE documents are available in the USSOCOM-chosen automated tool.
• Assist to track and maintain A&A databases, web sites and tools to ensure that networks, systems, and devices are properly documented and managed from a cybersecurity perspective.
• Assist to track and report compliance with applicable Cybersecurity regulations and directives.
• Assist with Change Management and Incident Handling processes, to manage Remedy ticket requests for Incident Response and cybersecurity requirements.
• Provide inputs to accurately define incidents, problems, and events in the trouble ticketing system. Assist with diagnosing and resolving tickets and help maintain incident tracking and solution database/dashboard.
• Provide inputs to develop and maintain an Information Security Continuous Monitoring (ISCM) Plan. This plan shall address ongoing awareness of information security, vulnerabilities, security controls, and threats to support organizational risk management decisions.
• Assist with performing network security evaluations and vulnerability assessments using the DOD Assured Compliance Assessment Solution (ACAS), Nessus vulnerability scanning tool and Security Content Automation Protocol tool.
• Provide inputs to identify applicable STIGs and perform assessments using the Security Content Automation Protocol tool. Liaisons with network and system administrators to correct identified deficiencies. Provide assessment of scans for new systems and applications being introduced or reviewed in the SIE, identify issues, and provide inputs to certification letters for the government. The contractor will liaison with government POCs to ensure systems and application meet the standards in the DISA STIGs.
• Assist with validating the patching of systems, perform validation scanning, develop POAM, and report as directed by applicable policies, procedures, and regulations.
• Provide inputs to develop and implement required processes, procedures, and capabilities to mitigate vulnerabilities and weaknesses for software and hardware deployment.

Qualifications

Qualifications :

• Must meet requirements for IAM level I category.
• Possess and maintain an active DoD TOP SECRET SCI security clearance.
• Possess a minimum of 3 years in Cyber Security.