JOB DESCRIPTION:
Cyber Assurance (CA) team which conducts Risk Management Framework efforts supporting Enterprise level tasks (Tier II) in the roles of Cyber Analyst and Cyber Validators. In addition, the CA team conducts A&A validation and security testing devices before allowing the hardware to be added to the network. The CA team may be required to travel at least 10 times a year for annual security assessments and continuous monitoring efforts. Cybersecurity support includes systems that comprise the ESS, the Agency’s administrative networks- (Unclassified but sensitive Data Network (UDN), Classified Data Network (CDN), and JWICS enclaves), GIG waivered networks, and all standalone systems (non-networked computers).
BASIC QUALIFICATIONS:
At least 3 Years- hands-on technical Cybersecurity validation experience:
Supporting A&A validation, RMF assurance, POA&Ms, and eMASS submissions
Develop, update, and provide for Government review, all DoD and other federal agency-specific documentation specified in Government A&A Framework and DoDI 8510.01, as applicable.
Maintain all DCSA & PM managed system records and documents supporting compliance with federal laws, directives, policies, and procedures, and provide at all times complete access to the records. Store all A&A-related documentation within a government A&A Repository.
Conduct A&A-related security tests and evaluations using government-mandated tools and test procedures.
Develop or contribute to A&A-related POA&Ms and Risk Assessment Reports as directed by applicable policy and guidance.
Review and analyze data found in eMass (or similar A&A Repository /continuous monitoring tool).
Generate reports identifying non-compliant systems.
Knowledge of Risk Management Framework (RMF), STIGs, and eMASS or similar (e.g., Xacta or CSAM)
Knowledge of DISA Security Technical Information Guides, NIST SP 800-53, and other applicable DoD Cybersecurity policies
Possess strong writing skills; experience preparing enterprise-wide SOPs reports for high-level officials
Experience developing cybersecurity documentation, Plan of Actions & Milestones (POAM), enterprise mission assurance support service (eMASS) submissions, and system security engineering efforts
Certification(s):
8570 IAM Level I (e.g., CAP, CND, Cloud+, GSLC, Security+, HCISPP)
or
8570 IAM Level II (e.g., CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO, HCISPP)
Requirements
EDUCATION REQUIREMENTS:
Associates or Bachelor’s Degree, or equivalent experience in Cybersecurity, and/or Information Systems Management, Information Technology
CLEARANCE LEVEL:
WORK ENVIRONMENT AND PHYSICAL DEMANDS:
This is a partial Telework position
This position is subject to travel of 15-35%
If an alternate worksite is other than DCSA facilities or corporate office space, must have the reliable ability to communicate over voice (cell phone preferred) and stable, capable internet connection.
Must speak English well enough to communicate complex technical ideas to a diverse customer both verbally and in written form.
Benefits
BENEFITS:
Health, Dental, Vision, 401K Matching, AD&D Insurance
EEO Employer F/M/Vet/Disabled