Cyber Security Analyst - Expert
Company: CACI International
Location: Camp Lejeune
Posted on: January 27, 2023
|
|
Job Description:
Cyber Security Analyst - ExpertJob Category: Information
TechnologyTime Type: Full timeMinimum Clearance Required to Start:
TS/SCIEmployee Type: RegularPercentage of Travel Required: Up to
10%Type of Travel: LocalCACI is looking for an Expert-Level
Cybersecurity Systems Analyst to support our customer, Marine Corps
Special Operations Command (MARSOC), at Camp Lejeune, NC. This
position is contingent upon award of the US Special Operations
Command (USSOCOM) Cybersecurity Support contract.**What You'll Get
to Do:**Performs assessment and authorization coordination. Advises
and assists the customer with Risk Management Framework (RMF) and
develops a Plan of Action and Milestones for resolving network
deficiencies in accordance with DODI 8510.01 and ICD 503. The
duties of this task include assessing network compliance against
controls listed in NIST 800-53 and creating A&A packages.
Performs assessment, compliance, and validation of IT systems to
support the Cybersecurity program at USSOCOM, itsComponent
Commands, TSOCs, and deployed forces. The Contractor shall execute
a comprehensive assessment, compliance and validation of customer
networks to ensure compliance with regulations and security and
standards. The end goal is to ensure the integrity of customer
systems by identifying and mitigating potential shortcomings and
vulnerabilities.Advise USSOCOM, its Component Commands, TSOCs, and
deployed forces on network and system risks, risk mitigation
courses of action, and operational.Additionally, the Cybersecurity
Systems Analyst should be able to perform security evaluations and
vulnerability assessments using the DOD Assured Compliance
Assessment Solution (ACAS), Nessus vulnerability scanning tool and
Security Content Automation Protocol tool. Identify applicable
STIGs and perform assessments using the Security Content Automation
Protocol tool. The Cybersecurity Systems Analyst will liaison with
network and system administrators to correct identified
deficiencies. The Cybersecurity Systems Analyst will also scan (or
review scans) for new systems and applications being introduced
into the SOF environment, identify issues, and draft certification
letters for the government. The contractor will liaison with the
Site Integration Facility (SIF) to ensure systems and application
meet the standards in the DISA Security Technical Implementation
Guides (STIG).The Cybersecurity Systems Analyst should be extremely
knowledgeable of cyber network defense tools such as end point
security, SIEM, comply to connect, etc.**Typical duties include**
:+ Tracks A&A status of SIE governed ISs. Ensures these
artifacts and documentation are available in the USSOCOM-chosen
automated tool.+ Advises stakeholders on the adequacy of
implementation of cybersecurity requirements.+ Provide DoD & IC RMF
subject matter expertise to USSOCOM, its Component Commands, TSOCs,
deployed forces and their delegates, including other Contractors,
and assist with the development and execution of the RMF program at
USSOCOM, its Component Commands, TSOCs, and deployed forces.+
Maintain, track, and validate DISN, cloud and DIA connection
approval packages, including those from USSOCOM, its Component
Commands, TSOCs, and other subordinate organizations.+ Develop and
maintain supporting documentation for new and existing networks,
cloud environments, information systems and technologies as they
are introduced into the SIE.+ Develop and review the A&A of SIE
networks, cloud environments, systems, services, telecommunication
circuits, mobile devices, portable electronic devices, hardware,
and software using the DoD & IC RMF to obtain an Authority to
Operate (ATO), Interim Authority to Test (IATT), or Authority to
Connect (ATC).+ Perform risk and vulnerability assessments of IT
and IS for authorization; prepare risk assessment reports for
submission to the SCA and Authorizing Official/Designated
Authorizing Official/Designated Accrediting Authority (AO/DAO/DAA)
in accordance with DoD, DIA, USCYBERCOM, USSOCOM, Component
Command, TSOC, and deployed forces' policies, procedures, and
regulations.+ Assist USSOCOM, its Component Commands, TSOCs and
deployed forces with the enforcement of A&A, as well as DoD,
DIA, USSOCOM, Component Command, TSOC, and deployed forces'
connection standards for networks and systems.+ Track and maintain
A&A databases, web sites and tools to ensure that networks,
systems and devices are properly documented and managed from a
cybersecurity perspective.+ Track and report to higher headquarters
organizations (e.g. USCYBERCOM, DIA) compliance with applicable
Cybersecurity regulations and directives. Ensure timely
notifications are made to responsible individuals and organizations
in order to prevent lapses in accreditations (e.g., 30, 60, and 90
day notices).+ Develop and maintain an Information Security
Continuous Monitoring (ISCM) Plan. This plan shall address ongoing
awareness of information security, vulnerabilities, security
controls, and threats to support organizational risk management
decisions.+ Identify, assess, and advise on cybersecurity control
compliance and associated risks.+ Coordinate with USCYBERCOM, DoD,
DIA, NSA, DISA, and subordinate organizations to support the
resolution of issues with security, A&A, connection approvals,
and waiver requests.+ Perform network, cloud, information systems,
hardware, software and device security authorization and
assessments, as well as the application and execution of policy,
including project management support services.+ Validate the
patching of systems, perform validation scanning, develop Plans of
Action & Milestone (POA&Ms), and report as directed by
applicable policies, procedures, and regulations.+ Provide subject
matter expertise for COA development and the implementation of
Cybersecurity mitigation strategies.+ Develop and implement
required processes, procedures, and capabilities to mitigate
vulnerabilities and weaknesses for software and hardware
deployment.+ Identify, implement and validate continued
effectiveness of key performance parameters and applied security
measures+ Perform analytics on cybersecurity posture and provide
reports to the AO/DAO and applicable stakeholders as required per
ISCM and AO/DAO direction.**You'll Bring These Qualifications:**+
Experience with the US Combatant Commands (USCENTCOM/USSOCOM) is
desired.+ Technical background with system administration
experience, architecture and engineering preferred+ Technical
background in networking, identity management, Microsoft and Linux
operating systems, database, and mobility+ Working knowledge of the
RMF.+ Knowledge of the Telos Xacta or Enterprise Mission Assurance
Support Services (eMASS) system is desired.+ Must have excellent
communications skill (written and oral) and interpersonal skills.+
Knowledge and experience with DoD IA processes and policies (e.g.,
DODI 8510.01, NIST, CNSS and other cybersecurity policies, Chairman
of the Joint Chiefs of Staff Manual (CJCSM) 65101.01, Incident
Response and other IA policies).+ Active TS/SCI clearance
required.**Required Education, Experience, and Certifications:**+
Master's Degree in technical or cyber discipline or equivalent+ 10+
years related experience.+ Current DoD 8570.01-M, DoD IAT Level III
or IAM Level IIICompany Overview: At CACI, you will have the
opportunity to make an immediate impact by providing information
solutions and services in support of national security missions and
government transformation for Intelligence, Defense, and Federal
Civilian customers. CACI is an Equal Opportunity Employer -
Females/Minorities/Protected Veterans/Individuals with
Disabilities.As a federal contractor, CACI is subject to any
federal vaccine mandates or other customer vaccination
requirements. All new hires are required to report their
vaccination status.
Keywords: CACI International, Jacksonville , Cyber Security Analyst - Expert, Professions , Camp Lejeune, North Carolina
Click
here to apply!
|