Senior Cybersecurity Analyst
GNI is seeking a Senior Cybersecurity Analyst to provide Risk Management Framework (RMF) support to our United States Space Force (USSF) customer in Albuquerque, New Mexico. We want you to join our qualified and diverse team of professionals where you can apply your talents to take our team to new levels of performance. The successful candidate possesses USAF and/or USSF RMF experience ranging from documenting, implementing, and assessing system body of evidence documentation to performing system monitoring and compliance assessment activities. You will coordinate with program/site leads as well as government staff and mission partners to collect, create, and update body of evidence documentation for systems under your purview to ensure systems achieve and maintain Authorization to Operate (ATO).
Job Duties/Responsibilities:
- Work as part of an integrated team to develop and maintain RMF body of evidence documentation (e.g., System Security Plan, Security Controls Traceability Matrix, Plan of Action and Milestones, etc.) using Enterprise Mission Assurance Support Service (eMASS) or equivalent products
- Maintain repositories of all body of evidence documentation for systems under your purview and ensure they are accessible only to properly authorized individuals
- Develop and execute security control assessment procedures to verify conformance with control requirements as part of ongoing continuous monitoring and authorization assessment activities
- Work in close coordination with system administrators and other cyber team members to ensure systems are operated, maintained, and disposed of in accordance with applicable security policies and procedures and notify the appropriate stakeholders when changes occur that might impact system authorization posture
- Ensure all security-related vulnerabilities and deficiencies are documented in the Plan of Action and Milestones (POA&M) for each system
- Ensure the development and implementation of an effective information security education, training, and awareness program
- Ensure configuration management policies and procedures for authorizing use of hardware/software are followed and coordinate any system baseline changes with the appropriate stakeholders prior to change
Desired Experience, Skills, and Education:
- Active Top Secret security clearance and ability to obtain SCI
- Bachelor’s degree and 5 years of experience or Master’s degree and 3 years of experience working in information assurance or cybersecurity roles supporting classified USAF and/or USSF environments
- DoD 8570 IAM Level II or higher baseline certification (CISSP preferred); additional training and/or certifications may be required within 6 months of hire; acceptable baseline certifications can be found at https://public.cyber.mil/cw/cwmp/dod-approved-8570-baseline-certifications/
- Strong working knowledge of NIST 800-53 controls and RMF processes
- Experience analyzing and interpreting outputs of various endpoint security, vulnerability, and enumeration tools (e.g., Tenable Nessus, Security Center, SolarWinds, EndPoint Security Solutions, Vulnerator, SCAP Compliance Checker)
