Sr. Information Systems and Cyber Security Analyst

Summary

The Sr. Information Systems and Cyber Security Analyst's areas of responsibilites listed below are essential to the satisfactory performance of this position with reasonable accommodations if necessary. Work responsibilities may vary, depending upon assignment. Work is in Heath, OH.

Responsibilities
  • General Information
  • Assist in ensuring implementation of DoD, USAF and MAJCOM policies and update local processes and procedures necessary to support day-to-day operations.
  • Assist the USG to organize, coordinate, identify, and satisfy the IA/ Cybersecurity requirements consistent with DoD policies, standards, and system architectures.
  • Assist in formulating architectural design, functional specifications, interfaces and documentation of hardware or software systems.
  • Utilize the RMF to support Authorization and Accreditation (A&A) of assigned systems.
  • Assist in the monitoring of systems throughout the lifecycle management process from concept to decommission.
  • Provide assistance in developing, modifying, reviewing, and coordinating IT Categorization Determination packages, Information Assurance Strategies (IASs), Information Assurance Plans (IAPs), PPPs, SSPs, Information Assurance Assessments, System Assessments, Interconnection Security Agreements (ISAs), Verification and Validation testing, Development and Design, requirements identification, Baseline Control selection, Applicability Assessments, Mitigation Strategies, Milestone Requirements Assessments, Configuration Management reviews, Continuous Monitoring, IA Liaison functions between the Developer, User Community and Program Management, leading the IA Integrated Process Team (IAIPT).
  • Assist with the development of specific artifacts for program reviews and the review of IA requirements in the development and assessment of RFPs and ECPs.
  • Assist with the evaluation of technical implementations of security designs to ensure that security software, hardware, and firmware features affecting confidentiality, integrity, availability, accountability, and non-repudiation have been implemented as documented in the JSIG (current version)/NIST 800-53 or while meeting the IA/Cybersecurity requirements of DoD Instruction 8500.01, Cybersecurity, DoD Instruction 8510.01, Risk Management Framework (RMF) for DoD Information Technology (IT), DoD Instruction 5200.39, and Air Force Instruction (AFI) 33-210, Air Force Certification and Accreditation (C&A) Program (AFCAP), as well as DCID 6/3, and JSIG requirements.
  • Systems and Applications
  • Shall have a working knowledge of telecommunications concepts and principles, operating modes, systems, media, equipment, equipment configuration, and related software systems, processes and procedures to assess and advise on vulnerability to attack from a variety of sources (e.g., espionage, disruption of services, destructive programs/applications) and procedures and methods for protection of systems and applications.
  • Apply understanding of computer science principles, information management principles, automated data processing (ADP) functions and plans, hardware and software systems' structures and operation, and computer programming languages and techniques to assist in the resolution of automation problems.
  • Assist in interfacing with and using minicomputer and mainframe computer systems in addressing project objectives.
  • Use standard or conventional approaches, methods, and techniques to assist in defining, planning, organizing, designing, developing, modifying, testing, and integrating database or data processing systems, computer hardware systems and simulation models.
  • Assist in formulating architectural design, functional specifications, interfaces and documentation of hardware or software systems.
  • Use detailed specifications and adapt standardized techniques, methods, criteria, and precedents to assist in developing or modifying portions of a system or program.
  • Provide recommendations for state-of-the-art storage and data retrieval implementation methods as well as formulate functional requirements for information systems.
  • Information Assurance/Cybersecurity
  • Assist in the modification of the Acquisition IA/ Cybersecurity Strategy for external systems.
  • Assist the USG to organize, coordinate, identify, and satisfy the IA/Cybersecurity requirements consistent with DoD policies, standards, and system architectures.
  • Apply knowledge of computer science principles, information management principles, Automated Data Processing (ADP) functions and plans, hardware and software systems' structures and operation, and computer programming languages and techniques to assist in the resolution of automation problems.
  • Assist in the evaluation of different versions of security software for the USG's automated systems.
  • Assist with monitoring information system activities to ensure system integrity; establishing reaction and maintenance control for the facility; and assist in performing system access or revocation tasks.
  • Report system security incidents, classified message incidents, vulnerabilities, and virus attacks IAW AFSSI 5021.
  • Assist in ensuring information systems are cleared or sanitized IAW AFSSI 5020.
  • Provide assistance in developing, modifying, reviewing, and coordinating system PIT determination packages, IASs, IAPs, SSPs, Information Assurance Assessments, System Assessments, ISAs, Verification and Validation testing, Development and Design, requirements identification, Baseline Control selection, Applicability Assessments, Mitigation Strategies, Milestone Requirements Assessments, Configuration Management reviews, Continuous Monitoring, IA Liaison functions between the Developer, Simulators Division, and User Community and Program Management.
  • Program Security
  • Provide program protection and system security input for SOOs, PWSs, RFPs, and CDRLs.
  • Assist in the integration of US export and technology control laws, DoD/Air Force policy and instructions, and other applicable guidance into program protection planning.
  • Recommend changes to DoD, Air Force and program security policy and instructions.
  • Assist with developing and maintaining time-phased, event-driven SCGs & PSDs.
  • Assist with monitoring and reviewing trade studies designed to balance program security risks with costs to the program.
  • Assist with designing cost-effective approaches for integrating security requirements into weapon system contracts.
  • Critical Information
  • Assist in the evaluation of security and administrative procedures associated with handling unclassified Critical Program Information/Critical Information (CPI/CI) and classified material.
  • Classified Information
  • Assist in conducting analyses of procedures regarding the handling, controlling, storage and disposition of classified or critical weapon system hardware.
  • Assist in producing reports on the results of the analyses, including recommended actions, in either electronic or written form.
  • Cybersecurity SME
  • Shall be DoD 8570 - IAM II compliant (No waivers).
  • Demonstrate an advanced understanding of the Risk Management Framework (RMF) and shall apply it within the context of training simulations mission objectives.
  • Identify and recommend potential areas where existing data security policies and procedures may require change, or where a supplement is required to mitigate key security risks.
  • Assist in implementing the JSIG or ICD 503 (a.k.a. Risk Management Framework) requirements to include technical computer/network system auditing.
  • Ensure communication to the ISSMs and Simulators Program Office Cyber leadership and the Program Managers during the lifecycle of the Authorization to Operate (ATO) period; especially if a time arises when the ATO is in jeopardy of not being granted.
  • Provide oversight and execution of the Assessment & Authorization processes (a.k.a. Certification & Accreditation).to assist with ensuring the ISSMs clearly understand their duties as described in the PWS and mentor them to satisfactorily accomplish those duties.
  • Other duties as assigned

Qualifications
  • Bachelor's degree in a Science, Technology, Engineering, Math, Cybersecurity, or Computer Science field of study and 10+ years of experience specifically in cybersecurity or information assurance
  • Certification to IAM level II as defined in AFM 33-285 and DoD 8570.01
  • Secret clearance required

Knowledge, Skills and Abilities
  • Experience with the Risk Management Framework (RMF) process, information system concepts and principles, control families, media, equipment, equipment configuration, and related software systems, processes, and procedures to assess and advise on vulnerability to attack from a variety of sources (e.g., hacking, disruption/denial of services, and destructive programs/applications) and procedures and methods for protection of systems and applications.
  • Ability to work independently and yet be effective within a team setting.
  • Must be capable of managing multiple efforts with time related constraints in a fast-paced contracting environment.
  • Demonstrated ability to effectively communicate and collaborate with diverse internal and external stakeholder groups and individuals.
  • Friendly presence, helpful attitude, good interpersonal skills, and ability to work well with others.
  • Excellent skills in Microsoft Word, Excel, and other Office applications.
  • Experience working in a home office setting.
  • Ability to train end users on frequently asked technical issues.
  • Ability to provide technical assistance and support over the phone with good phone skills and a professional demeanor.
  • Previous customer service experience is strongly desired.
  • Good problem-solving skills with the ability to visualize a problem or situation and think abstractly to solve it.

#NJVC, LLC

Similar searches: Full Time, Administrative, Government and Public Services