Jan 25
Top Secret
Mid Level Career (5+ yrs experience)
No Traveling
IT - Security
Quantico, VA (Off-Site/Hybrid)
HOW OUR CYBER SECURITY ANALYST WILL MAKE AN IMPACT:
Supports all authorization package ACAS related tasks assigned to ISSEs and NQVs. The goal is to provide the required artifacts IAW the Navy Testing Guidance and Risk Management Framework (RMF) Process Guide required for the submission of an RMF Authorization package.
Performs 90 Day Baseline Scans for each Authorization package in accordance with Navy requirements; provide Detailed Vulnerability List (DVL) Reports for use in the eMASS record; provide ACAS Summary Reports in accordance with the Navy Testing Guidance.
Conducts weekly and “As Needed” ACAS scans in support of RMF STEP 3/STEP 4 processes, vulnerability assessments and queries specifically targeting authorization package assets; support continuous monitoring for authorized packages and report vulnerability status of all active Enterprise Security packages; create asset lists using provided hardware lists.
Performs risk analyses of computer systems and applications during all phases of the system development life cycle using the Assured Compliance Assessment Solution (ACAS) tool.
Initiates Enterprise Mission Assurance Support Service (eMASS) registrations, prepares, processes, updates and monitors RMF Assessment and Authorization (A&A) packages; ensures A&A packages are evaluated and maintained in a compliant status; implements and validates A&A packages to ensure security controls and vulnerabilities meet DON RMF authorization compliance requirements.
WHAT YOU’LL NEED TO SUCCEED (Required):
Security Clearance Level: Active Top Secret clearance with SCI Eligibility
Required Experience:
7+ years of experience in the systems security discipline with specific emphasis on Navy Cybersecurity practices.
Must meet or exceed OPNAVINST 5239 requirements to be certified as a Navy Qualified Validator or must be certified within 6 months of start date.
Experience in the development of RMF Assessment and Authorization (A&A) Security Plans (SP), System Level Continuous Monitoring (SLCM), Ports, Protocols and Services Management (PPSM), Host Based Security Systems (HBSS), Assured Compliance Assessment Solution (ACAS) vulnerability scanning.
Experience with Enterprise Mission Assurance Support Service (eMASS) tools.
Experience preparing, processing, assessing, validating, and maintaining RMF A&A packages using eMASS and XACTA tools.
Experience with using public key-based technologies for applications.
Required Certifications: Security+ CE
Education: BS Degree or 4 years additional experience in lieu of degree.
Location: Hybrid at Quantico, VA
US Citizenship required
WHAT WE'D LOVE FOR YOU TO HAVE:
Completed Navy RMF training
Formal ACAS training
Formal eMASS training
Supports all authorization package ACAS related tasks assigned to ISSEs and NQVs. The goal is to provide the required artifacts IAW the Navy Testing Guidance and Risk Management Framework (RMF) Process Guide required for the submission of an RMF Authorization package.
Performs 90 Day Baseline Scans for each Authorization package in accordance with Navy requirements; provide Detailed Vulnerability List (DVL) Reports for use in the eMASS record; provide ACAS Summary Reports in accordance with the Navy Testing Guidance.
Conducts weekly and “As Needed” ACAS scans in support of RMF STEP 3/STEP 4 processes, vulnerability assessments and queries specifically targeting authorization package assets; support continuous monitoring for authorized packages and report vulnerability status of all active Enterprise Security packages; create asset lists using provided hardware lists.
Performs risk analyses of computer systems and applications during all phases of the system development life cycle using the Assured Compliance Assessment Solution (ACAS) tool.
Initiates Enterprise Mission Assurance Support Service (eMASS) registrations, prepares, processes, updates and monitors RMF Assessment and Authorization (A&A) packages; ensures A&A packages are evaluated and maintained in a compliant status; implements and validates A&A packages to ensure security controls and vulnerabilities meet DON RMF authorization compliance requirements.
WHAT YOU’LL NEED TO SUCCEED (Required):
Security Clearance Level: Active Top Secret clearance with SCI Eligibility
Required Experience:
7+ years of experience in the systems security discipline with specific emphasis on Navy Cybersecurity practices.
Must meet or exceed OPNAVINST 5239 requirements to be certified as a Navy Qualified Validator or must be certified within 6 months of start date.
Experience in the development of RMF Assessment and Authorization (A&A) Security Plans (SP), System Level Continuous Monitoring (SLCM), Ports, Protocols and Services Management (PPSM), Host Based Security Systems (HBSS), Assured Compliance Assessment Solution (ACAS) vulnerability scanning.
Experience with Enterprise Mission Assurance Support Service (eMASS) tools.
Experience preparing, processing, assessing, validating, and maintaining RMF A&A packages using eMASS and XACTA tools.
Experience with using public key-based technologies for applications.
Required Certifications: Security+ CE
Education: BS Degree or 4 years additional experience in lieu of degree.
Location: Hybrid at Quantico, VA
US Citizenship required
WHAT WE'D LOVE FOR YOU TO HAVE:
Completed Navy RMF training
Formal ACAS training
Formal eMASS training
group id: asdinc
