CyberSecurity/Automated Information Systems Analyst

Location: Kekaha, Hawaii
Date Posted: 11-20-2017 #10176586
Exciting opportunity for seasoned information systems engineer. The engineer will provide technical expertise in support of gathering of information, completing necessary forms and packages for submission to the government customer for accreditation of various networks and communication systems at PMRF.

Security Clearance:
Secret security clearance is required
Technical Requirements
Engineer shall support A&A efforts at PMRF for both classified and unclassified range networks and communications systems to include but not limited to the following Cybersecurity requirements as applicable:
1. Create and review Risk Management Framework (RMF) documentation
2. Review and validate Security Technical Implementation Guides (STIG) checklists and Security Content Automation Protocol (SCAP) benchmarks
3. Perform scanning of systems utilizing Assured Compliance Assessment Solution (ACAS) software to identify vulnerabilities
4. Verify and document network topology to include ports, protocols and services (PPS)
5. Prepare Risk Assessment Report (RAR) documentation, System Categorization and Control Selection documents
6. Develop and review network topology diagrams
7. Provide Subject Matter Expert (SME) level recommendations to ISSO and ISO to support A&A package creation
8. POA&M maintenance/management
Position Summary
PMRF normal duty hours are 0730-1600, Mon-Fri. Any deviation of support from PMRF normal duty hours requires notification and approval from the on-sight manager. Performs security tasks required by the DoD 8500.1 DoD Cybersecurity Instruction, DoD8510.01 Risk Management Framework (RMF) for
DoD Information Technology, DoD 5220.00-M National Industrial Security Program Operating Manual (NISPOM), National Institute for Standards and Technology {NIST) Special Publication 800-37, and other Policy for the administration and safeguarding of US and foreign Government classified and unclassified information as it pertains to DoD networks, standalone computer systems, and Platform IT. Verifies and ensures compliance with US Government requirements for Cyber Security.
Major Job Activities
1. Plans, executes and tracks successful RMF Assessment and Authorization {A&A) documentation submissions to the customer per NIST SP800-37 and other RMF guidelines
2. Provides feedback to policy guidelines for the interpretation, implementation, inspection, and enforcement of DoD, DoN and customer directed Cybersecurity requirements
3. Interfaces/maintains liaison with the System Owners, System ISSOs , Command Network Manager, and other Cognizant Security Agencies regarding Accreditation Scheduling, activities
4. Performs ACAS report reviews, Nessus scanning, and STIG and SCAP validations
5. Assists ISSOs with identifying applicable existing policies or creating policy guidelines and processing documents for non-compliant controls
6. Participates in risk analysis, performance, reliability, and security impact analysis to determine appropriate Cyber Security products, systems, and policies for implementation
7. Provide detailed weekly status reports to the IT Manager, Program Manager and Cybersecurity Lead. As a minimum, the status reports shall contain listing and description of task assignments, the government POC on task assignments, progress and status on task assignments, and timeline on completion of task assignments.
8. Attend A&A meetings as directed by the Cybersecurity Lead
Minimum Qualifications:
-Education: Bachelor's Degree in Engineering, Computer Science, MIS, or other related scientific field is desired
-Certification: Must be DoD 8570.lM certified at lAT Level 2 and maintain certification throughout duration of employment {IA Baseline Certification of Security+CE or CISSP)
-Computing Environment Certification in one or more of MS Win7/Win10, Win Svr. 2008/2012, Linux, CCENT, CCNA, Junos a plus
-A.S./A.A or B.A. Degree with ten (10) years of experience in IT disciplines may substitute for the Bachelor's Degree requirement
-Five {5) years of cybersecurity related experience
-Working level knowledge of DoD cybersecurity practices/procedures is required
-Three (3) years of specific DIACAP/DIARMF or RMF related experience
-Experience in briefing DoD Executive Leadership {0-6 / GS-13 and above) a plus
-SME level knowledge of current DoN Cybersecurity practices/procedure is highly desirable
-CISSP is highly desirable
Security Clearance:
Secret security clearance is required
this job portal is powered by CATS