Sr. Cybersecurity Analyst at Electronic Consulting Services
Posted in Other 12 days ago.
This job brought to you by America's Job Exchange
Type: Full Time
Location: Alexandria, Virginia
ECS is seeking a Sr. Cybersecurity Analyst to work in our Alexandria, VA office.
ECS is seeking a seasoned security professional with experience in implementing and communicating RMF and DIACAP compliance for the Department of Defense and Navy in our Alexandria, VA office.
The CS Analyst Senior is responsible for helping to manage the program s Assessment and Authorization (A&A) efforts by focusing on the Risk Management and Security Authorization activities in accordance with the applicable National Institute of Standards and Technology (NIST) 800 series guidelines, the Risk Management Framework and applicable Federal Information Processing Standards (FIPS) standards. The CS Analyst Senior will report to the CS Team Lead and perform and manage tasks related to the entire Assessment and Authorization (A&A) lifecycle.
The CS Analyst Senior will:
* Support the Navy Cybersecurity team in conducting assessments of Cybersecurity risk by evaluating Navy systems and assist with drafting Cybersecurity risk reports to highlight current architecture, mitigations, and Cybersecurity risk posture.
* Analyze, review, and critique assessment and authorization (A&A) documentation in compliance with DoD Cybersecurity policy and agency guidance, including DoD 8500 series, CNSS 1253, and NIST special publications.
* Assess program security compliance, support program briefs, and coordinate and compile program security documentation for various programs.
* Provide A&A and Cybersecurity support, including Risk Management Framework (RMF) for DoD/DoN IT, assess compliance with security technical implementation guides (STIGs), review automated scans, conduct security test and evaluation (ST&E), vulnerability assessments, and computer security responses, and create and manage RMF packages using the Enterprise Mission Assurance Support Service (eMASS).
* Provide results of unresolved discrepancies to the client for inclusion in that system s IA Plan of Action and Milestones (POA&M).
* Interact with clients to perform policy and technical audits.
* Brief client leadership on vulnerabilities in support of the government client and prepare brief slides and summary of findings analyses.
* 5 years of experience with IT, including in a DoD environment
* 5 years of experience with DIACAP and NIST Risk Management Framework (RMF) policies, including continuous monitoring, information system security policies, standards, and procedures
* Experience with preparing DIACAP or RMF packages and supporting documentation and DoD Authorization and Accreditation (A&A) process and standards
* Experience with using the Enterprise Management Assurance Support Service (eMASS)
* Knowledge of IA or INFOSEC concepts and requirements
* Ability to conduct security control selection, tailoring, and overlays
* Ability to analyze a security plan and perform system security analysis
* Ability to work independently
* Active Secret clearance
* DoD 8140 IAM or IAT Certification, including Security+ CE, CISM, CISSP, or CASP
* BS degree in CS or Engineering preferred
* 3+ years of experience with supporting Navy Commands in the implementation or assessment of Cybersecurity controls or legacy DIACAP implementation
* 3 years of experience with system and network vulnerability analysis, risk assessment and risk mitigation analysis, security test and evaluation (ST&E), contingency planning, and firewall policy, ports, and protocols
* Experience with Retina, Nessus, SCAP Compliance Checker, STIGs, hardening systems, and applying IA controls
* Experience with supporting the Navy or NAVSEA or NAVAIR
* Experience with Nessus, ACAS, SCAP, and HBSS
* Possession of excellent oral and written communication skills
* Navy Qualified Validator (NQV) Appointment or Legacy Fully Qualified Navy Validator (FQNV) Appointment
ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.
ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 2300+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.
ECS Federal provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable Federal, state and local laws. ECS Federal also maintains a drug-free workplace.