Cybersecurity Analyst

at LMI
Location Arlington, VA
Date Posted May 12, 2018
Category Default
Job Type Full-time

Description

LMI is a government consulting firm, dedicated exclusively to advancing the management of the government. As a not-for-profit company, we deliver the best value for the government dollar as all revenues are directed to our mission of advancing government rather than to delivering shareholder value. We operate completely free of political and commercial bias, and we are entirely aligned with the goals of our clients. Our clients value our not-for-profit status and specialized services in logistics, intelligence, homeland security, health care, and energy and environment markets. We believe government can make a difference, and we seek talented, hardworking people who share that conviction. This position would work in Fort Belvoir, VA.

Responsibilities

Conducts program oversight, including on-going monitoring and periodic auditing of systems and systems operations. Develops, recommends and implements incident response procedures and technologies to identify, assess, and ensure the appropriate response to threats and vulnerabilities. Lead, support, and/or facilitating security assessments of new or modified hardware, operating, systems, and software applications ensuring integration with DoD Cyber Security requirements. Support Cyber Security analyst in conducting Vulnerability Management, Security Engineering, Certification and Accreditation, and Computer Network Defense.

Administer Risk Management Framework (RMF) mission assurance planning and implementation for preparation for accreditation for Product Director (PD) Army Human Resources Systems (AHRS), IPPPS-A that will follow DoDI 8500.01 and DODI 8510.01. Develop and review of certification plans and authorization documentation (i.e., system security plans, risk mitigation plans, contingency plans, and disaster recovery plans, etc.)

Develop security assessment report (SAR) for the PD AHRS and associated ERP network enclaves. Responsible for the adequate assessment of all identified risk(s) and the generation of a mitigation plan for the PEO EIS Cyber Security Office to receive an authorization decision for all information systems. Evaluate and ensure security threats are mitigated, remediated or waived IAW DoD guidelines.

Review vulnerability scans/checks for cybersecurity compliance as needed and ensure periodic audits are conducted using the Security Content Automation Protocol (SCAP), Assured Compliance Assessment Solution (ACAS), DISA STIG’s, and other DoD approved vulnerability scanning assessment tools.

Administering and managing the Host Based Security System (HBSS) for the PD AHRS and Army ERP network enclaves.

Administering and managing the ACAS for the AHRS ERP network enclaves.

Incident Response Team: Responsible for conducting analysis of security incidents (i.e.  Phishing, malware, account access compromises, and network intrusions). Perform investigations of unauthorized disclosure of Personal Identifiable Information.  Responsible for reporting findings and provide status to senior leadership. Perform escalations to the Regional Computer Emergency Response Team (RCERT) when required.

COOP/Disaster Recovery (DR) Security Engineering Personnel: Serve as a member the COOP Disaster Recovery Team during COOP exercises supporting the PD AHRS and Army ERP security engineering mission essential functions (MEF)s at the alternate site.

Information Assurance Vulnerability Management (IAVM): Responsible for acknowledging and tracking IAVM notices and creating Plan of Actions and Milestones (POAMs) for review and approval by the Authorizing Official (AO).

Soft Certificate Trusted Authority (TA) for PD AHRS and AERP:

Responsible for obtaining all DoD PKI Individual Alternate Smart Card Logon Tokens (ASCL) and Soft Tokens for PM AHRS/AERP personnel for unclassified/classified systems. Responsible delegating and assigning Alternate Trusted Authorities (TA) with the authority and responsibility to obtain certificates for PM AHRS/AERP. Duty assignment appointed by PM AHRS/AERP Leadership and Army Register Authority (RA).

Assist with providing high-level briefings to PEO EIS Cyber Security Office and AO for the PM IPPS-A and Army ERP security posture for the enclaves and Information Systems (IS). Develop written reports, project plans, schedules, meeting minutes, briefings and other documentation for PEO EIS Cyber Security Office. Manage the Information Assurance Training (IAT) Workforce Program for the program to ensure all PD AHRS/AERP government and contracting personnel are 8570 compliant. Promotes awareness of security issues among management and ensuring sound security principles are followed.

Qualifications

  • Bachelor’s Degree in Cyber Security, Engineering, IT, or related technical field
  • Familiarity with HBSS and ACAS
  • Experience with eMASS
  • Active US Secret security clearance required
  • At least 5 year of relevant experience required
  • DoD 8570.01-Manual IAM Level II baseline certification required
  • (CAP, CASP CE, CISM, CISSP (or Associate), & GSLC)

Drop files here browse files ...