Today
Secret
$120,001 - $160,000
Unspecified
IT - Security
Pearl Harbor, HI (On-Site/Office)
Description
SAIC is seeking qualified Cybersecurity Analyst for an Air Force TENCAP HOPE 2.0 contract at Joint Base Pearl Harbor Hickam, Hawaii.
The Cybersecurity Analyst will:
• Perform network security monitoring and incident response for a DoW customer.
• Support the sustainment of the accredited cybersecurity posture of domain enclaves by actively tracking and maintaining each network's cyber-vulnerability level and system compliance with applicable Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs). Report any deviations or shortfalls to the Information System Security Manager (ISSM) for action.
• Support and assist with the STIG/SRG checklist process, tracking automated compliance scans and manual STIG checklists based on DISA releases. Validate results and track/report compliance of configuration changes based on CYBERCOM tasking orders or other DoW short-notice threat response notifications.
• Maintain lists of active hosts on different networks and the corresponding basic inventory listings of software used to determine STIGs and/or SRGs that need to be applied.
• Assist in researching configuration updates/changes and apply a "patch-and-test" approach to determine if a particular configuration update/change will have a detrimental effect on the processes and mission to decide on application in the operational environment.
• Provide comprehensive cybersecurity support in support of Modeling and Simulation / Live, Virtual, and Constructive (M&S/LVC) information technology systems.
• Provide comprehensive support to scan and remediate networks.
• Provide comprehensive support to security monitoring and detection of unauthorized access.
• Develop and execute Government approved security policies, plans, and procedures, implement data network security measures, operate and monitor network intrusion detection and forensic systems, conduct IS security incident handling, support Continuity of Operations Plan/Disaster Recovery (COOP/DR) plans, and perform certification of IS and networks. Provide technical support for Plan of Action and Mitigation process and remediation activities.
• Provide comprehensive support to obtaining and maintaining Authority to Operate (ATO) accreditation for networks and systems.
• Provide other related support including but not limited to:
- Review system artifacts and documents for accuracy.
- Conduct facility visits to observe the actual processes related to each Information Assurance (IA) control (technical, personnel, operational, or management).
- Report security findings and issues associated with the RMF process to the appropriate Cybersecurity POCs.
- Support and coordinate necessary documentation submissions for network and system Interconnection Security Agreements (ISAs), Authority to Connect (ATC), or other security agreements for both persistent and event-based interconnections.
- Participate in meetings with system Information Assurance Security Officers (IASOs), Program Managers (PMs), Information System Security Managers (ISSMs) and their representatives, and other cybersecurity representatives of unit driven events or initiatives. During these meetings present issues and recommendations. Provide meeting reports that outline the discussion topics, problem areas, action items, and resolution recommendations.
- Support system administration personnel with other related functions to include but not limited to implementation and sustainment of cybersecurity best practices in accordance with DoW and DISA directives to maximize confidentiality, integrity, and availability of the networks and training mission.
- For scheduled and unscheduled cybersecurity posture audits, report observations, findings, and any corrective actions applied or recommended. Provide relevant metrics on results of audits, identifying trends and recommendations to reduce vulnerabilities and maintain or improve system security posture.
Qualifications
Experience and Qualifications:
• Bachelor's and 9, or relevant years of experience in lieu of degree. Must be a US Citizen and currently possess a Secret Security Clearance.
• DoW 8140.03 Foundational Qualification for and Intermediate Level, Vulnerability Analyst Certification.
• Detailed understanding of DoW cybersecurity policies and procedures, including FIPS 199, FIPS 200, NIST 800-53, DHS 4300A SSH, and other applicable policies.
• Comprehensive knowledge of Physical Security principles, methods, and techniques.
• Proficient in operating and configuring ACAS, HBSS, and vulnerability scanners.
• Proficient using MS Office including Word, PowerPoint, Excel, SharePoint, and Teams.
Desired Experience and Qualifications:
• Operating system certification (i.e., Microsoft Certified Solutions Expert and/or Red Hat Certified System Administrator).
• Microsoft Windows environment, UNIX, Linux, , VMWare, VDI zero client architecture.
• Microsoft Certified Solutions Craftsman: Server Infrastructure and/or Red Hat Certified System Administrator.
• Certified Information Systems Security Profession (CISSP) or CompTIA Advanced Security Practitioner (CASP).
Target salary range: $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
SAIC is seeking qualified Cybersecurity Analyst for an Air Force TENCAP HOPE 2.0 contract at Joint Base Pearl Harbor Hickam, Hawaii.
The Cybersecurity Analyst will:
• Perform network security monitoring and incident response for a DoW customer.
• Support the sustainment of the accredited cybersecurity posture of domain enclaves by actively tracking and maintaining each network's cyber-vulnerability level and system compliance with applicable Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs). Report any deviations or shortfalls to the Information System Security Manager (ISSM) for action.
• Support and assist with the STIG/SRG checklist process, tracking automated compliance scans and manual STIG checklists based on DISA releases. Validate results and track/report compliance of configuration changes based on CYBERCOM tasking orders or other DoW short-notice threat response notifications.
• Maintain lists of active hosts on different networks and the corresponding basic inventory listings of software used to determine STIGs and/or SRGs that need to be applied.
• Assist in researching configuration updates/changes and apply a "patch-and-test" approach to determine if a particular configuration update/change will have a detrimental effect on the processes and mission to decide on application in the operational environment.
• Provide comprehensive cybersecurity support in support of Modeling and Simulation / Live, Virtual, and Constructive (M&S/LVC) information technology systems.
• Provide comprehensive support to scan and remediate networks.
• Provide comprehensive support to security monitoring and detection of unauthorized access.
• Develop and execute Government approved security policies, plans, and procedures, implement data network security measures, operate and monitor network intrusion detection and forensic systems, conduct IS security incident handling, support Continuity of Operations Plan/Disaster Recovery (COOP/DR) plans, and perform certification of IS and networks. Provide technical support for Plan of Action and Mitigation process and remediation activities.
• Provide comprehensive support to obtaining and maintaining Authority to Operate (ATO) accreditation for networks and systems.
• Provide other related support including but not limited to:
- Review system artifacts and documents for accuracy.
- Conduct facility visits to observe the actual processes related to each Information Assurance (IA) control (technical, personnel, operational, or management).
- Report security findings and issues associated with the RMF process to the appropriate Cybersecurity POCs.
- Support and coordinate necessary documentation submissions for network and system Interconnection Security Agreements (ISAs), Authority to Connect (ATC), or other security agreements for both persistent and event-based interconnections.
- Participate in meetings with system Information Assurance Security Officers (IASOs), Program Managers (PMs), Information System Security Managers (ISSMs) and their representatives, and other cybersecurity representatives of unit driven events or initiatives. During these meetings present issues and recommendations. Provide meeting reports that outline the discussion topics, problem areas, action items, and resolution recommendations.
- Support system administration personnel with other related functions to include but not limited to implementation and sustainment of cybersecurity best practices in accordance with DoW and DISA directives to maximize confidentiality, integrity, and availability of the networks and training mission.
- For scheduled and unscheduled cybersecurity posture audits, report observations, findings, and any corrective actions applied or recommended. Provide relevant metrics on results of audits, identifying trends and recommendations to reduce vulnerabilities and maintain or improve system security posture.
Qualifications
Experience and Qualifications:
• Bachelor's and 9, or relevant years of experience in lieu of degree. Must be a US Citizen and currently possess a Secret Security Clearance.
• DoW 8140.03 Foundational Qualification for and Intermediate Level, Vulnerability Analyst Certification.
• Detailed understanding of DoW cybersecurity policies and procedures, including FIPS 199, FIPS 200, NIST 800-53, DHS 4300A SSH, and other applicable policies.
• Comprehensive knowledge of Physical Security principles, methods, and techniques.
• Proficient in operating and configuring ACAS, HBSS, and vulnerability scanners.
• Proficient using MS Office including Word, PowerPoint, Excel, SharePoint, and Teams.
Desired Experience and Qualifications:
• Operating system certification (i.e., Microsoft Certified Solutions Expert and/or Red Hat Certified System Administrator).
• Microsoft Windows environment, UNIX, Linux, , VMWare, VDI zero client architecture.
• Microsoft Certified Solutions Craftsman: Server Infrastructure and/or Red Hat Certified System Administrator.
• Certified Information Systems Security Profession (CISSP) or CompTIA Advanced Security Practitioner (CASP).
Target salary range: $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
group id: 10111346
