Cyber Security Analyst

at ASRC Federal Holding Company
Published December 24, 2023
Location Quantico, VA
Category Default  
Job Type Full-time  

Description

Job Description

ASRC Federal Broadleaf, Inc. is currently seeking a Cyber Security Analyst in Quantico, VA.

JOB DESCRIPTION:

  • Cyber Assurance (CA) team which conducts Risk Management Framework efforts supporting Enterprise level tasks (Tier II) in the roles of Cyber Analyst and Cyber Validators. In addition, the CA team conducts A A validation and security testing devices before allowing the hardware to be added to the network. The CA team may be required to travel at least 10 times a year for annual security assessments and continuous monitoring efforts. Cybersecurity support includes systems which comprise the ESS, the Agency's administrative networks- (Unclassified but sensitive Data Network (UDN), Classified Data Network (CDN), and JWICS enclaves), GIG waivered networks and all standalone systems (non-networked computers).

BASIC QUALIFICATIONS:

  • At least 5 Years- hands-on technical Cybersecurity validation experience:

  • Supporting A A validation, RMF assurance, POA Ms, and eMASS submissions
  • Develop, update, and provide for Government review, all DoD and other federal agency-specific documentation specified in Government A A Framework and DoDI 8510.01, as applicable.

  • Maintain all DCSA PM managed system records and documents supporting compliance with federal laws, directives, policies and procedures, and provide at all times complete access to the records. Store all A A related documentation within a government A A Repository.
  • Conduct A A related security test and evaluations using government mandated tools and test procedures.
  • Develop or contribute to A A related POA Ms and Risk Assessment Reports as directed by applicable policy and guidance.
  • Review and analyze data found in eMASS (or similar A A Repository /continuous monitoring tool).
  • Generate reports identifying noncompliant systems.

  • Detailed Knowledge of Risk Management Framework (RMF), STIGs and eMASS or similar (e.g., Xacta or CSAM)
  • Detailed Knowledge of DISA Security Technical Information Guides, NIST SP 800-53, and other applicable DoD Cybersecurity policies
  • Possess strong writing skills; experience preparing enterprise-wide SOPs, reports for high level officials
  • Experience developing cybersecurity documentation, Plan of Actions Milestones (POAM), enterprise mission assurance support service (eMASS) submissions, and system security engineering efforts

#Broadleaf

Requirements

CERTIFICATION(s):

  • 8570 IAM Level I (e.g., CAP, CND, Cloud+, GSLC, Security+, HCISPP)

or

  • 8570 IAM Level II (e.g., CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO, HCISPP)

EDUCATION REQUIREMENTS:

  • Associates or Bachelor's Degree, or equivalent experience in Cybersecurity, and/or Information Systems Management, Information Technology

CLEARNANCE LEVEL:

  • Active TS/SCI Clearance or Active Secret with the ability to obtain TS/SCI REQUIRED

WORK ENVIRONMENT AND PHYSICAL DEMANDS:

  • This position is a partial Telework (3 to 4 days a week). An onsite present is required 1 to 2 days a week, but there may be periods of additional onsite requirements if working projects on the high side.
  • This position is subject to travel of 10%

  • If alternate worksite is other than DCSA facilities or corporate office space, must have the reliable ability to communicate over voice (cell phone preferred) and stable, capable internet connection.
  • Must speak English well enough to communicate complex technical ideas to a diverse customer both verbally and in written form.

EEO Statement

ASRC Federal and its Subsidiaries are Equal Opportunity / Affirmative Action employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.