|Published||July 24, 2022|
Position/Job Title: Cyber Security Analyst III
Location: Kirtland AFB, New Mexico
Job Description: The Cyber Security Analyst III works within a cohesive team environment and is responsible for overseeing, reporting, and developing compliance and security policy for the Government. They must be able to maintain, operate and manage, and propose changes to the Government's security program to include process, technical, administrative, configuration management, and total life-cycle support. This position shall provide the Government with recommendations and solutions for implementing AF Special Programs (SP) and Intelligence Community (IC) cybersecurity programs and projects. The Cyber Security Analyst III shall adhere to AF, SP and IC standards and processes further defined by the Government. Shall conduct timely and in-depth research for policies and processes. They shall provide inputs to program reviews, schedules, action item updates and required procedures by established deadlines. The Cyber Security Analyst III will guide and assist in application of IT security control requirements to address the level of security required to protect the confidentiality, integrity, and availability of system data and resources. Solutions shall be compatible with system or network hardware and software configurations and shall be approved by the configuration managers of the system and network. Recommendations within test plans and procedures ensuring the results support the required objectives and capabilities and support compliance to cybersecurity requirements. Shall make edits to existing Government documents, prepare briefings as required to update the Government on the status of actions and coordinate with all project members to meet the goals and objectives of the assigned task. If required to implement a cybersecurity initiative, the Program Manager (PM) shall complete the Assessments and Authorizations (A&A) documents required to obtain an Authorization to Operate (ATO).
Essential Duties and Responsibilities (Not listed in order of importance; other duties may be assigned) and must be able to perform the following with minimal guidance:
- Ensures the rigorous application of cybersecurity policies, principles, and practices in the delivery of all Information Technology (IT) and cybersecurity services.
- Develops and designs security solutions to maintain confidentiality, integrity, and availability of information throughout the enterprise.
- Identifies, plans, and documents improvements to security controls currently in place.
- Develops and documents recommendations and courses of action (COAs) to solve complex cybersecurity problems.
- Develops and interprets cybersecurity requirements as part of the IT acquisition development process and assists in the formulation of cybersecurity/IT budgets.
- Plans and schedules the installation of new or modified security hardware, operating systems, and software applications.
- Ensures the assessment and implementation of identified computer and network environment fixes such as system patches and fixes associated with specific technical vulnerabilities as part of the Cybersecurity Vulnerability Management program.
- Guides the implementation of appropriate operational structures and processes to ensure an effective cybersecurity program, including boundary defense, incident detection, and response.
- Other duties as assigned.
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill and ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Education and/or Experience:
- Candidates must have a master's degree in Computer Science, Cybersecurity, MIS, or related degree
- 6+ Years of experience as a Cybersecurity Developer or related functional area
- Minimum 10 years of relevant DoD work experience with no less than 4 years' experience in a SAP and/or SCI environment with the last 5 years
- Minimum 1 year of experience using Risk Management Framework (RMF) IT security controls and policies
- Minimum DoD 8140/DoD 8570 IASAE Level II Certification
- DoD experience required
- Space system requirements
- A track record of progressively responsible information assurance experience in one or more of the following information security areas: ICD 503 (DCID 6/3) certification and accreditation, IA system evaluations, and IA security operations/network monitoring, Intrusion Detection Systems, Intrusion Prevention Systems, Security Information Management/Security Event Management, network mapping, vulnerability scanners, firewalls, routers and other security tools
- Knowledge of public key infrastructure and encryption systems
- Experience working on an information security incident response team - Certified Information Systems Security Professional (CISSP)
- Familiarity with Security Technical Implementation Guides (STIG) and system security processes
- Understanding of the DoD Information Assurance Certification and Accreditation Process (DIACAP) a plus
- Experience working in CMMI Level 3 (or higher) environments is a plus
- Ability to organize, prioritize and meet deadlines
- Capable of conveying complex information in a simplistic manner
- Strong critical thinking and problem-solving skills
- Strong self-starter requiring minimal supervision
- Able to take proactive measures to prevent problems rather than reactive by nature
- Strong verbal and written communication to effectively express concepts, plans, and proposals
DoD active security clearance may be required at a high-level security. Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.
Headquartered in Hawaii, Galapagos, LLC is a SBA Certified NHO 8(a) Small Business specializing in global information technology and offering professional solutions in IT Design & Installation, Cybersecurity Engineering & Support, Application Integration & Development, Software & Hardware Engineering, Network & Systems Management, Information Systems Security, and Business Management Services. Leveraging over 30 years of providing IT services to the federal & commercial market with projects located around the world, our team possesses innovative expertise in the development of a wide range of technology solutions. Galapagos, LLC is an equal opportunity employer. Our service commitment is simple - "Quality IT Solutions... On Time & On Budget." Galapagos, LLC reserves the right to change or modify job duties and assignments at any time. The above job description is not all encompassing. Positions functions and qualifications may vary depending on business needs. Galapagos, LLC is an equal opportunity employer and does not discriminate against applicants based on race, color, creed, religion, medical condition, legally protected genetic information, national origin, sex (including pregnancy, childbirth or related medical condition), sexual orientation, gender identity and expression, age, disability, or Vietnam era, or other eligible veteran status or legally protected characteristics.