Today
Secret
Senior Level Career (10+ yrs experience)
Unspecified
Occasional travel
IT - Security
Pearl City, HI (On-Site/Office)
Senior Cyber Security Analyst (RMF/ISSO) in Pearl City, Hawaii to support the US INDOPACOM J73 documenting security controls and creating Authority to Operate (ATO) packages.
JOB DESCRIPTION:
• Documenting security controls in SSP per NIST SP 800-53A rev5
• Create Authority to Operate (ATO) packages
• Validate vulnerability/risk assessment analysis to support accreditation
• Utilize various information system inspection tools to audit systems, analyze potential vulnerabilities and identify mitigation approaches
• Conduct technical evaluation of information system designs, focusing on information security aspects and accreditation
• Review completion and implementation of system additions and enhancements, and makes recommendations to management
• Determine system specifications, input/output processes, and working parameters for hardware and software compatibility
• Assist and review program documentation to include RMF reports, accreditation packages, and security policy guides using NIST 800-53A guidance
Qualifications - External
REQUIRED EDUCATION AND EXPERIENCE:
• Bachelors and five (5)+ years of related experience; additional four (4) years of experience accepted in lieu of degree
• Experience working with Authority to Operate (ATO) packages for both on-premises, and Cloud environments
• Experience using Government, Risk Compliance (GRC) tools (i.e. Cyber Security Assessment and Management (CSAM), eMASS, XACTA, etc.)
• Experience developing Standard Operating Procedures (SOP), After-Action Reports, and Policy and Procedure documents
• Experience documenting security controls in a System Security Plan (SSP) and how the controls are being implemented
• Strong working knowledge of Risk Management Framework (RMF), Cloud Security Requirements Guide (SRG), National Institute of Standards and Technology (NIST) guides, and Security Technical Implementation Guide (STIG)
• Understanding of the DOD requirements for the Network Topology, System Security Boundary, and Data Flow Diagrams
REQUIRED CERTIFICATION:
• Must have a current DoD IAM Level I or higher certification (i.e. Security+ CE, Cloud+, CASP+, OR CISSP etc.)
REQUIRED CLEARANCE:
• Must have a current Active Secret Clearance with the ability to obtain a TSSCI Clearance
• Must be a current US Citizen
JOB DESCRIPTION:
• Documenting security controls in SSP per NIST SP 800-53A rev5
• Create Authority to Operate (ATO) packages
• Validate vulnerability/risk assessment analysis to support accreditation
• Utilize various information system inspection tools to audit systems, analyze potential vulnerabilities and identify mitigation approaches
• Conduct technical evaluation of information system designs, focusing on information security aspects and accreditation
• Review completion and implementation of system additions and enhancements, and makes recommendations to management
• Determine system specifications, input/output processes, and working parameters for hardware and software compatibility
• Assist and review program documentation to include RMF reports, accreditation packages, and security policy guides using NIST 800-53A guidance
Qualifications - External
REQUIRED EDUCATION AND EXPERIENCE:
• Bachelors and five (5)+ years of related experience; additional four (4) years of experience accepted in lieu of degree
• Experience working with Authority to Operate (ATO) packages for both on-premises, and Cloud environments
• Experience using Government, Risk Compliance (GRC) tools (i.e. Cyber Security Assessment and Management (CSAM), eMASS, XACTA, etc.)
• Experience developing Standard Operating Procedures (SOP), After-Action Reports, and Policy and Procedure documents
• Experience documenting security controls in a System Security Plan (SSP) and how the controls are being implemented
• Strong working knowledge of Risk Management Framework (RMF), Cloud Security Requirements Guide (SRG), National Institute of Standards and Technology (NIST) guides, and Security Technical Implementation Guide (STIG)
• Understanding of the DOD requirements for the Network Topology, System Security Boundary, and Data Flow Diagrams
REQUIRED CERTIFICATION:
• Must have a current DoD IAM Level I or higher certification (i.e. Security+ CE, Cloud+, CASP+, OR CISSP etc.)
REQUIRED CLEARANCE:
• Must have a current Active Secret Clearance with the ability to obtain a TSSCI Clearance
• Must be a current US Citizen
group id: 10126049
