Yesterday
Secret
Mid Level Career (5+ yrs experience)
IT - Security
MUST HAVE
Experience with NIST Special Publications, 800-53 rev. 5, 800-53 rev. 4, and 800-82.
Relevant certification meeting DOD 8570.01 IAM level III such as CISM, CISSP or GSLC
Note: Cybersecurity Certification is applicable to both Automated Information Systems (AIS)/IT and ICS/SCADA.
Experience with Enterprise Mission Assurance Support Service (eMASS).
SECRET CLEARANCE
Five (5) years of relevant experience
Must be able to possess a NACI, IT III sensitivity
US Army and GOVCON experience
Full Description
The Cyber Security Technology Management Analyst will perform audits on complex information systems, applications, and enclaves to ensure that appropriate controls exist and are correctly implemented; and that procedures comply with Federal, DOD, and DLA standards.
Duties and Responsibilities:
Monitors Energy Applications for Industrial Control Systems (ICS), computer-controlled electromechanical systems that deliver installation infrastructure services including Supervisory Control and Data Acquisition (SCADA), Distributed Control System (DCS), Energy Management Control System (EMCS), others, as applicable to specific programs.
Assesses compliance with IA policy and recommends improvements as appropriate
Monitors Information Assurance (IA) for Energy Applications to ensure compliance with Federal, DOD and DLA IA policy. Monitors certification and accreditation activities.
Recommends preparation updating of documentation to support Federal Information Security Management Act (FISMA) and DOD Risk Management Framework (RMF) reporting requirements.
Ability to Develop RMF security documentation on behalf of OT applications
Performs technical reviews of documented security certification results
Assesses their comprehensiveness
Identifies system vulnerabilities and weaknesses
Recommends human procedures, software configuration parameters, system changes, or combinations of them to mitigate the risk associated with detected vulnerabilities that could preclude accreditations.
Analyzes vulnerability scans and Security Readiness Review (SRR) results, Security Technical Implementation Guide (STIG) compliance and deficiencies of all forms identified during internal and external IA reviews.
Tracks deficiencies and vulnerabilities from identification through implementation of adequate mitigation measures.
Requirements
Required Experience:
Demonstrated experience of at least three years with the design, maintenance and operation of highly complex and high secure communications network environments
Multi-discipline experience with Firewall/Intrusion Prevention Systems (IPS); antivirus, host-based protection; security incident event management; virtual shared computing environments; and network/security management
Demonstrated understanding of communication protocols, network technologies and the International Organization for Standardization (ISO) Open Systems Interconnection telecommunications model
Knowledge of Defense Information and Accreditation Risk Management Framework (RMF) and process for system and application controls
Knowledge of DOD/DLA security policies and compliance
Minimum Requirements:
Five (5) years of relevant experience
Ten years of practical industry, government and/or consulting experience in information technology management.
IT project management experience using various Microsoft tools
Knowledge and experience in managing information technology services and strategies.
Proficiency in basic analytical software such as Microsoft Excel and Access, proficiency with the Microsoft Office suite, to include Word, PowerPoint and SharePoint.
Experience with NIST Special Publications, 800-53 rev. 5, 800-53 rev. 4, and 800-82.
Relevant certification meeting DOD 8570.01 IAM level III such as CISM, CISSP or GSLC
Note: Cybersecurity Certification is applicable to both Automated Information Systems (AIS)/IT and ICS/SCADA.
Experience with Enterprise Mission Assurance Support Service (eMASS).
SECRET CLEARANCE
Five (5) years of relevant experience
Must be able to possess a NACI, IT III sensitivity
US Army and GOVCON experience
Full Description
The Cyber Security Technology Management Analyst will perform audits on complex information systems, applications, and enclaves to ensure that appropriate controls exist and are correctly implemented; and that procedures comply with Federal, DOD, and DLA standards.
Duties and Responsibilities:
Monitors Energy Applications for Industrial Control Systems (ICS), computer-controlled electromechanical systems that deliver installation infrastructure services including Supervisory Control and Data Acquisition (SCADA), Distributed Control System (DCS), Energy Management Control System (EMCS), others, as applicable to specific programs.
Assesses compliance with IA policy and recommends improvements as appropriate
Monitors Information Assurance (IA) for Energy Applications to ensure compliance with Federal, DOD and DLA IA policy. Monitors certification and accreditation activities.
Recommends preparation updating of documentation to support Federal Information Security Management Act (FISMA) and DOD Risk Management Framework (RMF) reporting requirements.
Ability to Develop RMF security documentation on behalf of OT applications
Performs technical reviews of documented security certification results
Assesses their comprehensiveness
Identifies system vulnerabilities and weaknesses
Recommends human procedures, software configuration parameters, system changes, or combinations of them to mitigate the risk associated with detected vulnerabilities that could preclude accreditations.
Analyzes vulnerability scans and Security Readiness Review (SRR) results, Security Technical Implementation Guide (STIG) compliance and deficiencies of all forms identified during internal and external IA reviews.
Tracks deficiencies and vulnerabilities from identification through implementation of adequate mitigation measures.
Requirements
Required Experience:
Demonstrated experience of at least three years with the design, maintenance and operation of highly complex and high secure communications network environments
Multi-discipline experience with Firewall/Intrusion Prevention Systems (IPS); antivirus, host-based protection; security incident event management; virtual shared computing environments; and network/security management
Demonstrated understanding of communication protocols, network technologies and the International Organization for Standardization (ISO) Open Systems Interconnection telecommunications model
Knowledge of Defense Information and Accreditation Risk Management Framework (RMF) and process for system and application controls
Knowledge of DOD/DLA security policies and compliance
Minimum Requirements:
Five (5) years of relevant experience
Ten years of practical industry, government and/or consulting experience in information technology management.
IT project management experience using various Microsoft tools
Knowledge and experience in managing information technology services and strategies.
Proficiency in basic analytical software such as Microsoft Excel and Access, proficiency with the Microsoft Office suite, to include Word, PowerPoint and SharePoint.
group id: 10435775
