CHRIP Cyber Tools Analyst (CCTA) - Assessment Support

Sentar is proud to be an employee-owned company, fostering a culture of empowerment, collaboration, and innovation. Sentar is dedicated to developing the critical talent that the connected world demands to create solutions to address the convergence of cybersecurity, intelligence, analytics, and systems engineering. We invite you to join the team where you can build, innovate, and secure your career.

Sentar is seeking a CHRIP Cyber Tools Analyst (CCTA) - Assessment Support

Role Description:

The Defense Health Agency (DHA) supports the delivery of integrated, affordable, and high quality health services to Military Health System (MHS) beneficiaries and is responsible for driving greater integration of clinical and business processes across the MHS. Our DHA teams make a difference daily by ensuring the security of the health records of active duty and retired military and their families!

The DHA Cyber Health and Readiness Inspection Program has been tasked with ensuring that DHA sites and Programs of Record (PORs) maintain compliance and alignment with DHA and DoD cybersecurity requirements. CHRIP does this through a holistic and integrative approach combining an analysis of cybersecurity tool output and guidance sources to produce a root cause analysis for shortfalls.

This position is a Tool Subject Matter Expert (SME) for the Cyber Health Readiness Inspection Program (CHRIP), part of the Marketplace Cyber Support, Risk Management Executive Division (RMED) supported by the Defense Health Agency (DHA). CHRIP Cyber Tools SME will serve in an assessment and inspection support capacity to the assigned CHRIP Assessment Team Leads.

Duties:

• Analyze and comprehend information system vulnerability scan results using agency assessment tools (e.g., ACAS/Nessus); provide configuration changes based on organizational requirements.
• Analyze and comprehend Host-Based Security System (HBSS) and/or Endpoint Security Solution (ESS) output and configurations.
• Navigate, analyze, and comprehend MECM output and identify necessary actions.
• Analyze and comprehend basic IP sub-netting.
• Utilize compliance and authorization reporting environments (e.g., eMASS, CMRS, and Phoenix).
• Compare output across tools and reporting systems (ACAS, ESS, MECM, CMRS, Phoenix, and eMASS) to identify inconsistencies or shortfalls within context of Med-COI Zone Architecture.
• Provide input to CSSP ESM, CCRI, and DHA Guidance checks to determine system compliance and maturity levels.
• Conduct root cause analysis for inconsistencies or shortfalls in assessment findings.
• Coordinate with system POCs, review authorization boundary diagrams, architecture diagrams, hardware/software inventories, IP address assignments, Med-COI Zone taxonomy, and other artifacts to determine assessment scope.
• Coordinate with system POCs regarding tool configuration and output to explain compliance requirements, assist in reaching compliance, and provide training in tool use.
• Lead or attend and speak in meetings with stakeholders to discuss status of efforts; potentially conduct meetings in lieu of the Team Lead.
• Utilize NIST, DoD, and DHA security requirements to include NIST SP 800-53 controls, DISA Security Technical Implementation Guides (STIGs), and Security Requirements Guides (SRGs) to assist Team Lead with physical security walk-throughs and confirming system configurations.
• Assist Team Lead with conducting site personnel interviews.
• Review and evaluate RMF documentation to include Security Plans, Policies and Procedures, and Plans of Action and Milestones (POA&Ms).
• Assist in creation and maintenance of SOPs used by the Tool SMEs and other groups within CHRIP.
• Submit Weekly Status Reports (WSRs).

Travel to sites/HQ as needed (= 25%).

Qualifications:

Clearance Level: Secret

Education / Experience:

• 10+ years of technical experience or a Bachelor's Degree and 6+ years of technical experience.
• DoD 8570 compliance to IAT Level II Certification (e.g. CCNA Security, Security+ CE, CISSP, etc.)
• Demonstrated experience with ACAS
• Demonstrated experience with HBSS/ESS
• Demonstrated experience with MECM preferred
• Demonstrated experience with IP subnets
• Familiarity with CMRS (with familiarity with Phoenix a plus)
• Familiarity with NIST SP 800-53, DISA STIGS and SRGs
• Familiarity with eMASS
• Familiarly with DoD Cloud environment and requirements

Ability to travel ~25%

Benefits at Sentar:

Our unique ownership model attracts top talent, giving employees the freedom to take initiative and drive meaningful improvements. In addition to cultivating a thriving and inclusive work environment, Sentar offers an extensive benefits package designed to support the well-being of employees and their families. Employee ownership is the foundation of our culture, promoting participation, teamwork, and accountability while ensuring long-term financial security and a commitment to excellence.

• Voluntary Medical, Dental, Vision, with Health Savings or Flexible Spending Plan options
• Voluntary Life, Critical Illness, Accident, and Long Term Care insurance options
• Group Term Life, Short-Term and Long-Term Disability is provided by Sentar to all qualifying employees
• Generous 401(k) match
• Competitive PTO plan that graduates quickly with years of service
• Other leave programs; holiday schedule along with bereavement, maternity, jury and military duty
• Mental health awareness programs
• Tuition reimbursement
• Professional development reimbursement
• Recognition and Awards programs

If you are not ready to apply for this position, submit your resume here to join our talent community We'll keep you updated occasionally on new job opportunities.

Sentar is an Affirmative Action and Equal Opportunity Employer M/F/Vets/Persons with Disabilities

Our culture is one of inclusivity and support. Sentar is proudly an Equal Opportunity and VEVRAA Federal Contractor Employer M/F/Vets/Persons with Disabilities. Follow these links to learn more about your rights: EEO Is the Law Poster ; EEO Is Law Supplement ; and Pay Transparency .

We want you to build your career at Sentar, so if you are an individual with a disability and require a reasonable workplace accommodation applying for a job or at any point in the employment process, contact the Recruiting Manager at recruiting@sentar.com . Please indicate the specifics of the assistance needed. Thank you for considering Sentar in your employment search.

Build, Innovate, Secure Your Career at Sentar.