WashingtonRecruiter
the smart solution for Washington DC jobs

Cyber Security Analyst (Senior)

Company: SPN Solutions Inc.
Location: Falls Church
Posted on: October 12, 2018

Job Description:

Position: Senior Cyber Security Analyst (ISSO)Place of performance: Falls Church, VACertification: DoD 8570---01M --- IAM Level III (CISSP, CISM, or GIAC)Security Clearance: DoD Secret (Active)Job Description: The ideal candidate for this Senior Information Systems Security Officer (ISSO) position will be an RMF Subject Matter Expert with an IAM Level III Certification and an Active DoD Secret Clearance. The candidate should have expert knowledge and experience developing RMF documentation. The candidate should have a strong working knowledge of and experience using eMASS.Summary: The Senior ISSO will work with our team of Senior Cyber Security Specialists to transition the Department of Defense, Defense Health Agency (DoD/DHA) systems from DIACAP to RMF. The ideal candidate will provide expert consultation across a wide range of cross---functional areas of Cyber Security services in support of this DHA Mission. The Senior ISSO will also provide project planning, guidance and technical expertise in the following areas: program, policy, process, and planning; risk management, auditing, and assessments; Assessment and Authorization (A&A) using the NIST Risk Management Framework (RMF) guidelines; and quality planning and control.Requirements:Minimum Qualifications:

  • United States Citizen with an active DoD Secret Clearance (A Must).
  • Bachelor's Degree in Information Technologies, Cyber Security or a related field.
  • Hold a current and verifiable DoD 8570--- 01M Certification at an IAM Level III (CISM, GIAC, or CISSP).
  • Three (4) years' experience performing RMF Assessments and Accreditation.Knowledge, Skills and Abilities:
    • Knowledge and experience with current NIST Federal Information Processing Standards (FIPS) and
    • Special Publications (SP): SP800---18, SP800---37, SP800---53, SP800---53A, SP800---60, FIPS---199, FIPS---201 and
    • FIPS---140---2, and other policies and their application to enterprise IT security.
    • Ability to write RMF Assessment Scripts and Test plans.
    • Experience with selection, implementation, validation, and establishment of DISA CCIs
    • Proficient in MSWord, Excel, Access, PowerPoint and Outlook.
    • Specialized experience in the analysis, design and implementation of security procedures of hardware
    • and software on complex, large---scale systems in an enterprise environment.Experience in the following area:
      • Experience with development of responses to POA&Ms.
      • Hands---on experience with DISA Security Requirements Guide (SRG)and DISA Security Technical
      • Implementation Guides (STIG).Responsibilities:The Senior ISSO shall perform tasks in accordance with NIST SP 800---37 requirements. The work shall be completed during the period of performance. The project will be evaluated for completeness of tasks and objectives weekly. Ensure that the appropriate operational cyber security posture is maintained for assigned IT systems. Develop, update and maintain the System Security Plan (SSP) for assigned systems to include:
        • Configuration Management Plan
        • Contingency Plan
        • Contingency Plan tests
        • Continuous Monitoring Plan
        • Incident Response Plans
        • Incident Response Plan tests
        • Federal Information Processing
        • Standard (FIPS) Information Types
        • Interconnection Security
        • Agreements
        • Plan of Action & Milestones (POA&M)
        • Privacy Impact Assessments (PIA)
        • Risk Assessments
        • Security control baselines
        • Security control inheritance
        • Security Impact Analyses
        • Business Impact Analyses
        • SSP implementation statements
        • Technical Description narratives
        • System Description narratives
        • Hardware/Software Inventory
        • Participate in Incident Response activities for assigned IT systems.
        • Conduct Contingency Plan, Recovery Plan and Incident Response tests for assigned IT systems.
        • Advise system owners on all matters, technical and otherwise, involving the security of assigned IT systems.
        • Develop standard operating procedures in accordance with security control requirements.
        • Perform continuous monitoring of security controls to ensure that they continue to be implemented
        • correctly, operating as intended and producing the desired outcome with respect for meeting the cyber security requirements for assigned IT systems.
        • Work with technical teams to mitigate security control deficiencies for assigned IT systems.
        • Assess the cyber security impact of changes to assigned IT systems.
        • Conduct self---assessments of security controls, identify weaknesses and track remediation activities in
        • Plan of Action and Milestones (POA&M).
        • Conduct technical vulnerability assessments and prioritize and track remediation efforts.
        • Manage the POA&M process for designated IT systems.
        • Provide the required system access, information, and documentation to security assessment and audit teams.
        • Participate in security assessments and audits for assigned systems and facilitate obtaining evidence for data requests.
        • Complete required A&A (Assessment and Authorization) activities on assigned IT systems.
        • Assist federal staff in assessing new applications, identifying applicable NIST SP 800---37 RMF requirements and advising system owners of the process.
        • Assist with development and maintain Operational Level Agreements (OLAs) and end---to--- end Standard
        • Operating Procedures (SOPs) to identify collaborative responsibilities and support process interaction with other Government and contractor IT groups.
        • Develop and maintain a detailed policy matrix mapping Federal, and local policies to the required security controls as identified by National Institute of Standards and Technology (NIST) SP800---53.
        • Documents include but are not limited to: Standard Operating Procedures (SOPs) Agency Training (e.g., cyber awareness, computer incidents, malicious codes, etc.) - provided by Dice DoD, eMASS, CISSP, PO&AM, RMF

          Keywords: SPN Solutions Inc., Washington DC , Cyber Security Analyst (Senior), Professions , Falls Church, DC

          Click here to apply!

          Didn't find what you're looking for? Search again!

          I'm looking for
          in category
          within


Other Professions Jobs


Leasing Consultant
Description: Leasing Consultant The Leasing Consultant reports to the Property Manager and supports the leasing operations and financial performance of an assigned apartment community for MAA. Primary responsibilities (more...)
Company: MAA - Stonefield Commons
Location: Charlottesville
Posted on: 10/24/2018

Now hiring CDL-A grads for student truck driving jobs
Description: TransAm Trucking, a leading refrigerated carrier, has job openings for graduated CDL school students who are ready to hit the road with long-haul driving opportunities We offer
Company: TransAm Trucking, Inc.
Location: Charlottesville
Posted on: 10/24/2018

Auto Haul Truck Drivers - Regional And Local Opportunities!
Description: Benefits: Regional 38 local opportunities 1 to 1.20 per loaded mile Full Union Pension 38 Union Benefits includes medical/health, vision, dental, and life insurance Drive for the largest (more...)
Company: Jack Cooper
Location: Chantilly
Posted on: 10/24/2018


Chief Architect, Enterprise Cybersecurity with Security Clearance
Description: Currently, ManTech is seeking a motivated, career and customer oriented Chief Architect, Enterprise Cybersecurity to join our team in Chantilly, VA. The primary location is Chantilly but the candidate (more...)
Company: ManTech International Corporation
Location: Chantilly
Posted on: 10/24/2018

Benefit Consultants Needed - Telecommute
Description: Twenty four year old company is now
Company: Ameriplan
Location: Chantilly
Posted on: 10/24/2018

Class A CDL Company Driver
Description: No gimmicks. CFI pays you for your experience.BenefitsUp to 0.45 CPM 500 paid when seated Flexible hometime Driver-friendly
Company: CFI
Location: Chantilly
Posted on: 10/24/2018

Network Operations Center Technician - Shift Work - TS/SCI with Security Clearance
Description: Network Operations Center Technician
Company: General Dynamics IT
Location: Charlottesville
Posted on: 10/24/2018

CDL-A Team Truck Driver - Home Frequently
Description: CDL-A Refrigerated Team Driver Jobs. Earn up to 100,000k per year 1,000 sign-on Englander Transportation, part of the Fleetmaster family of companies, specializes in providing rewarding CDL-A Refrigerated (more...)
Company: Fleetmaster Express
Location: Leesburg
Posted on: 10/24/2018

Postmates Part Time Delivery Driver (Supplement Your Income)
Description: Employer uses technology to connect local businesses with people around the city. Our fleet receives requests through the app, and delivers anything from anywhere, 24/hrs a day.
Company: Postmates
Location: Chantilly
Posted on: 10/24/2018

Chemistry Laboratory and Research Technician I
Description: The Department of Chemistry at the University of Virginia seeks a highly motivated and qualified research technician to assist with experiments designed to understand
Company: University of Virginia
Location: Charlottesville
Posted on: 10/24/2018

Log In or Create An Account