This job listing has expired and the position may no longer be open for hire.

9024 - Cyber Security Analyst at Indrasoft, Inc. in Yorktown, Virginia

Posted in Other 30+ days ago.





Job Description:

Description











    Job Title: Cyber Security Analyst - Task 6.6.4 CUBE Application Assessment and Authorization (A&A)


    Job Location: 90% remote in the Charlottesville, VA 22911 area


    *Security Clearance: Top Secret/SCI - IT-1


    Certifications: CompTIA Security+, and IAT Level II certification (CCNA Security or CySA+ or, GICSP or, GSEC or, Security+ CE, CND, or SSCP)


    *Top Secret/Sensitive Compartmented Information (TS/SCI) clearance and appropriate Department of Defense (DoD) 8140.01 IAT baseline certification is required for this task order.


    Introduction:


    IndraSoft, Inc. is seeking a highly qualifiedSr. Cyber Security Analyst to work in the Charlottesville, VA area in a primarily remote capacity. The Cyber Security Analyst will support the Corporate Understanding of the Business Environment (CUBE) application's Assessment and Authorization (A&A) in both on-premises and in a Cloud based environment.Candidate will be responsible for providing support for all accreditation activities, process and submit amendments to current accreditation or recertification as required for on and off-premises environments.Prepare and support A&A strategy to the Intelligence Community Directive (ICD) 503, Department of Defense Instruction (DoDI) 8510.01 Risk Management Framework (RMF), and Defense Information Systems Agency Security Technical Implementation Guide (STIG) protocols while providing all associated deliverables in support of that effort. The selected candidate will be a highly motivated and reliable individual who works well as part of multi-disciplinary team and in an independent remote posture.Candidate should have experience in performing a variety of routine project tasks applied to specialized cyber security situations and a strong understanding of cloud-based Cyber Security requirements. Additionally, this position will also be utilized as a tester for the CUBE application and perform code scans for security vulnerabilities.


    Qualifications:


    To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.


    Qualifications Required:



    • Information Technology (IT)/Cyber Security experience is considered equivalent to a bachelor's degree.

    • 3-5 years of relevant IT/cyber security experience.

    • 2-4 years' experience with DoD RMF, and/or DOD Information Assurance Risk Management Framework (DIARMF) process.

    • Experienced with performing a variety of routine project tasks applied to specialized cyber security problems. Tasks involve integration of electronic processes or methodologies to resolve total system problems, or technology problems as they relate to cyber security requirements.

    • Demonstrated ability to analyze information security requirements.

    • Ability to apply analytical and systematic approaches in the resolution of problems of workflow, organization, and planning.

    • Expertise with providing cyber security support for planning, design, development, testing, demonstration, integration of information systems.

    • Experienced, or solid understanding providing A&A activities for cloud based (Amazon Web Services or Microsoft Azure) classified/unclassified information systems.

    • Experience using Enterprise Mission Assurance Support Service (eMASS), Assured Compliance Assessment Solution (ACAS) to detect and document security control test results.

    • Knowledgeable with creating and updating RMF related artifacts specific to National Institute of Standards and Technology (NIST) security control families.


    Security/Certification Requirements:



    • Certification in DoD 8570.01-M (Information Assurance Workforce Improvement Program) Information Assurance Workforce Technical Category I - IAT-II certification required (CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, or SSCP) or higher.

    • Candidate MUST BE a US Citizen with a current Top Secret (TS) Security Clearance with access to Sensitive Compartmentalized Information (SCI) able to be adjudicated prior to commencing work.


    Qualifications Desired:



    • 4 years of experience demonstrating technical depth and experience in, relevant discipline(s) and/or application(s).

    • 3+ Years of experience working with Government Entity.


    Essential Functions and Responsibilities:


    Performs a variety of routine project tasks applied to specialized cyber security problems. Tasks involve integration of electronic processes or methodologies to resolve total system problems, or technology problems as they relate to cyber security requirements.



    • Ensure CUBE A&A levels are maintained for the existing system.

    • Support all accreditation activities to include amendments to current accreditation or recertification, as required for on and off-premises environments and enclaves.

    • Prepared to support a A&A strategy to the Intelligence Community Directive (ICD) 503, Department of Defense Instruction (DoD) 8510.01 Risk Management Framework (RMF), and Defense Information Systems Agency Security Technical Implementation Guide protocols while providing all associated deliverables in support of that effort as directed by the COR and CUBE Program Manager.

    • Support all security authorization documentation which consists of all artifacts developed through RMF and associated activities and maintain documentation throughout the system's lifecycle.

    • Prepare and support the security authorization package consisting of the Security Plan, Security Assessment Report, Plan of Actions & Milestones, and authorization decision document, which is the minimum information necessary for acceptance.

    • Follow documentation and activities involved in the six (6) steps of the RMF process:


      • Categorize Information System

      • Select Security Controls

      • Assess Security Controls

      • Implement Security Controls

      • Authorize Information System

      • Monitor Security Controls


    • Provide supporting documentation to the RMF process such as STIG scans, hardening guide, security test plans, Entity Relationship Diagram (ERD), Department of Defense Architecture Framework (DoDAF) diagrams, and Data Dictionaries.

    • Ensure that any controls that need to be included in the software are added to the product backlog, are tagged with C&A, and prioritized appropriately.

    • Ensure that the software meets all ICD and ICS policies that are relevant including but not limited to ICS 500-27 and EO 13526.

    • Provide cyber security support for planning, design, development, testing, demonstration, integration of information systems.



    • Analyzes information security requirements.

    • Apply analytical and systematic approaches in the resolution of problems of workflow, organization, and planning. Identify, manage, and verify cyber security requirements, to include cyber security controls, in the same manner as all other system requirements, ensuring traceability.

    • Implement cyber security controls through Systems Engineering Technical Processes.

    • Develop System Security Plan (SSP) using Risk Management Framework (RMF) for DoD Information Technology (IT).

    • Develop and adjudicate Plan of Action and Milestones (POA&M).

    • Develop, review, and maintain RMF documentation.

    • Support the testing of CUBE application during development process and when deployed to the pre-production environment.

    • Attend daily/weekly scrums/meetings with CUBE development team.

    • Monitor/participate in MS Teams meetings as required

    • Provide weekly activity input to the Cyber Team Lead for inclusion into the overall Weekly Activity Report.






















    About Us



    At IndraSoft, you will be joining a team of highly qualified individuals who solve today's challenges, transform to future state, and execute innovate technology solutions for our federal customers. For more than 16 years, we provide cutting-edge solutions in areas of DevSecOps, Cybersecurity, Advanced Data Analytics, emerging Cloud technologies and Enterprise IT to our Defense and Civilian customers. You will be leading our efforts to integrate and innovate technology solutions to solve our clients' toughest technology problems.


    EEO Commitment


    IndraSoft is an equal employment opportunity/affirmative action employer, we are committed to providing a workplace that is free from discrimination based on race, color, ethnicity, religion, sex, national origin, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, pregnancy, genetic information, or any other status protected by applicable federal, state, local, or international law. These protections also extend to applicants. Follow the links below to find out more;


    EEO is Law Poster


    EEO is Law Supplement


    Pay Transparency Nondiscrimination Provision


    Accommodations


    If you are an individual with a disability and would like to request a reasonable workplace accommodation, please send an email toHR@IndraSoft.com. Indicate the specifics of the assistance needed.




    Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

    The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
    More jobs in Yorktown, Virginia

    Other
    2 days ago

    Optum
    General Business
    2 days ago

    Goodwill of Central and Coastal Virginia
    General Business
    5 days ago

    The Kroger Co.
    More jobs in Other

    Other
    less than a minute ago

    Honu Services
    Other
    less than a minute ago

    Honu Services
    Other
    less than a minute ago

    Honu Services