Cybersecurity Systems Analyst Senior

at Exeter Government Services, LLC
Published November 27, 2022
Location Colorado Springs, CO
Category Default  
Job Type Full-time  

Description

Job Title: SOCOM - Cybersecurity Systems Analyst Senior

Location: Peterson AFB, Colorado Springs CO

Required Clearance: TS-SCI

Certifications: DoD 8570 IAT or IAM Level I II [C CN P Security , CompTIA CASP, ISACA CISA or CISM, CISSP (or Associate), GIAC Security Leadership (GSLC) , GIAC Certified Enterprise Defender (GCED), GIAC Incident Handler certification (GCIH) ]

Required Education: Bachelor 's degree from an accredited institution; commensurate level of experience can be substituted for education requirement

Required Experience: Eight ( 8 ) years of progressive, relevant experience or equivalent combination of education and experience

Position Description:

Exeter is seeking a qualified professional to p erform assessment s and authorization coordination. They will a dvise and assist the customer with Risk Management Framework (RMF) and develop a Plan of Action and Milestones for resolving network deficiencies in accordance with DODI 8510.01 and ICD 503. The duties of this task include assessing network compliance against controls listed in NIST 800-53 and creating A&A packages. Performs assessment, compliance, and validation of IT systems to support the Cybersecurity program at USSOCOM, its Component Commands, TSOCs, and deployed forces. The y shall execute a comprehensive assessment, compliance and validation of customer networks to ensure compliance with regulations and security and standards. The end goal is to ensure the integrity of customer systems by identifying and mitigating potential shortcomings and vulnerabilities. This person will also a dvise USSOCOM, its Component Commands, TSOCs, and deployed forces on network and system risks, risk mitigation courses of action, and operational.

Primary Responsibilities:

  • Assists and Tracks A&A status of SIE governed ISs. Ensures these artifacts and documentation are available in the USSOCOM-chosen automated tool

  • Provide DoD & IC RMF subject matter expertise to USSOCOM, its Component Commands, TSOCs, deployed forces and their delegates, including other Contractors, and assist with the development and execution of the RMF program

  • Maintain, track, and validate DISN, cloud and DIA connection approval packages

  • Develop and maintain supporting documentation for new and existing networks, cloud environments, information systems and technologies as they are introduced into the SIE

  • Develop and review A&A of SIE networks, cloud environments, systems, services, telecom circuits, mobile devices, portable electronic devices, hardware, and software using the DoD & IC RMF to obtain an ATO, Interim Authority to Test (IATT), or Authority to Connect (ATC)

  • Perform risk and vulnerability assessments of IT and IS for authorization; prepare risk assessment reports for submission

  • Track and maintain A&A databases, web sites and tools to ensure that networks, systems and devices are properly documented and managed from a cybersecurity perspective

  • Track and report to higher headquarters organizations (e.g. USCYBERCOM, DIA) compliance with applicable Cybersecurity regulations and directives

  • Ensure timely notifications are made to responsible individuals and organizations in order to prevent lapses in accreditations (e.g., 30, 60, and 90-day notices)

  • Develop and maintain an Information Security Continuous Monitoring (ISCM) Plan

  • Identify, assess, and advise on cybersecurity control compliance and associated risks

  • Coordinate with USCYBERCOM, DoD, DIA, NSA, DISA, and subordinate organizations to support the resolution of issues with security, A&A, connection approvals, and waiver requests

  • Perform network, cloud, information systems, hardware, software and device security authorization and assessments, as well as the application and execution of policy, including project management support services

  • Validate the patching of systems, perform validation scanning, develop Plans of Action & Milestone (POA&Ms), and report as directed

  • Be the SME for COA development and Cybersecurity mitigation strategies implementation

  • Perform analytics on cybersecurity posture and provide reports to the AO/DAO and applicable stakeholders as required per ISCM and AO/DAO direction

    Required Qualifications:

  • Top Secret Sensitive Compartmented Information (TS/SCI) clearance required

  • DoD 8570 IAT or IAM Level III [CCNP Security, CompTIA CASP, ISACA CISA or CISM, CISSP (or Associate), GIAC Security Leadership (GSLC), GIAC Certified Enterprise Defender (GCED), GIAC Incident Handler certification (GCIH)]

  • Bachelo r's degree from an accredited institution; commensurate level of experience can be substituted for education requirement

  • Eight ( 8 ) years of progressive, relevant experience or equivalent combination of education and experience

  • Technical background in networking, identity management, Microsoft and Linux

  • operating systems, database, and mobility

  • Working knowledge of the RMF process

  • Knowledge and experience with DoD IA processes and policies (e.g., DODI 8510.01, NIST, CNSS and other cybersecurity policies, Chairman of the Joint Chiefs of Staff Manual (CJCSM) 65101.01, Incident Response and other IA policies)

    Desired Qualifications /Experience :

  • Experience with the US Combatant Commands (USCENTCOM/USSOCOM) is desired

  • Technical background with Sys Admin experience, architecture and engineering preferred

  • Knowledge of Telos Xacta or (eMASS) system is desired

    Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.

    clearancejobs