Cybersecurity Analyst SME
Job Description:
Qualified candidates will assist JTF-CS to support proper implementation and sustainment of DOD cybersecurity and RMF requirements. The support services shall include support in the following areas: RMF and JTF-CS policy, guidance, procedure and templates; security control implementation and testing; security control assessments; and RMF training. This position is at Fort Eustis VA.
Each candidate will:
· Provide technical analysis of JTF-CS RMF artifacts/authorization documentation to inform authorization decisions for the JTF-CS domain enclave of the
NORTHCOM enterprise
· Support JTF-CS in monitoring and tracking execution of POA&M
· Perform all required cybersecurity analyst (CSA) RMF process steps for the JTF-CS domain enclave of the NORTHCOM enterprise, to include: Categorize
System, Select Security Controls, Implement Security Controls, and Assess Security Controls
· Ensure ECCSS RMF process steps are followed and adhered to by RMF stakeholders
Security Controls Support
· Assess approved technical and non-technical security features of JTF-CS domain enclave to address known threats and vulnerabilities; assessment must
consider and identify impacts as well as consideration of existing risk mitigation strategies
· Act as an independent and impartial assessor to determine and certify aggregate cybersecurity risk for recommendations for JTF-CS domain enclave
· Develop a Security Assessment Plan (SAP) for JTF-CS domain enclave of the NORTHCOM enterprise within Enterprise Mission Assurance Support Service
(eMASS), describing the objectives of the security control assessment and providing a detailed roadmap for performing the assessment, to include:
- Security Plan (SP)
- Security Assessment Report (SAR)
- Risk Assessment Report (RAR)
- Up-to-date POA&M
- Updated accreditation artifacts
· Conduct Privacy Impact Assessment (PIA) for the JTF-CS domain enclave
· Provide approval recommendation of the SAR for the JTF-CS domain enclave
· Provide guidance to JTF-CS Stakeholders
· Implement Security Controls
· Assess Security Controls
· Monitor Security Controls
· Support Authorization of Information System Support
- Plan of Action and Milestones
- Assemble the security authorization package
- Determine the risk to organizational operations to include delivering the Residual Risk Statement that will be included in the Risk Acceptance Recommendation Report, Briefing (slides and meeting support)
- Determine if the risk to organizational operations, organizational assets, individuals, other organizations, or the Nation is acceptable
Mandatory Requirements:
Clearance Level: Secret
Certifications: DODM 8570 IAM Level III: - REQUIRED
Preferred Skillsets
Proficiency with eMASS preferred
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.
#clearancejobs