Job Description:

Description

Job Title: Cyber Security Analyst II

Job Location: Montgomery, Alabama (Remote)

Clearance: Candidate must be a US Citizen with an Active SECRET clearance or higher (no exceptions)

IndraSoft, Inc. is seeking a Cyber Security Analyst II with an active Secret Clearance to work remotely reporting into the Montgomery, Alabama office. The incumbent will be a highly motivated and qualified individual who works well as part of multi-disciplinary teams supporting Cyber Security duties. The Cyber Security Analyst II will lead Risk Management Framework (RMF) and eMASS processes support and provide guidance to the applicable Program Management Offices while supporting all applicable on-site Task Leads or Program Managers. In addition, the candidate must ensure that all IT systems/programs attain and maintain their Authority to Operate (ATO) utilizing the RMF platform.

Qualifications:
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Qualifications Required:

- Associate degree in Computer Science or related IT degree or six (6)+ years of relevant IT/cyber security experience with eMASS and RMF.

- Experienced with performing a variety of routine project tasks applied to specialized cyber security problems. Tasks involve integration of electronic processes or methodologies to resolve total system problems, or technology problems as they relate to cyber security requirements.

- Demonstrated ability to analyze information security requirements.

- Ability to apply analytical and systematic approaches in the resolution of problems of workflow, organization, and planning.

- Expertise with providing cyber security support for planning, design, development, testing, demonstration, integration of information systems.

- Experienced providing assessment and authorization responsibilities for cloud based NIPRNet information systems.

- Experience using eMASS to document security control test results.

- Knowledgeable with creating and updating RMF related artifacts specific to NIST security control families.

- Vast experience with RMF, eMASS, ACAS and Air Force A&A process.

- Proficient in developing, executing, and monitoring Plan of Action and Milestones (POA&Ms) and Ports, Protocols, and System (PPS) for the system.

Security/Certification Requirements:

- Active DoD SECRET Security Clearance

- Certification: DoD 8570.01 IAM Level I (Security+ CE, CAP, GSLC, etc.)

Essential Functions and Responsibilities:
Performs a variety of routine project tasks applied to specialized cyber security problems. Tasks involve integration of electronic processes or methodologies to resolve total system problems, or technology problems as they relate to cyber security requirements. Analyzes information security requirements. Applies analytical and systematic approaches in the resolution of problems of workflow, organization, and planning. Identify, manage, and verify cyber security requirements, to include cyber security controls, in the same manner as all other system requirements, ensuring traceability. Implement cyber security controls through Systems Engineering Technical Processes.

- Develop System Security Plan using RMF for DoD Information Technology.

- Develop and adjudicate POA&Ms.

- STIG review, remediation, and results.

- Configuration Management Plans.

- Information System Contingency Plan & Exercises.

- Performs a variety of routine project tasks applied to specialized cyber security problems. Tasks involve integration of electronic processes or methodologies to resolve total system problems, or technology problems as they relate to cyber security requirements.

- Provides cyber security support for planning, design, development, testing, demonstration, integration of information systems.

- Provide assessment and authorization responsibilities for cloud based NIPRNet information systems.

- Coordination of operational cyber security issues.

- Mitigation of vulnerabilities derived from security scans.

- Security incident management.

- Time Compliance Network Order (TCNO) compliance.

- Federal Information Security Management Act (FISMA) Compliance.

- Attendance to meetings sponsored by the PMO/Task Lead/PM.

- Cyber security System decommissioning support.

- Cyber security-related test & evaluation.

- Vulnerability Management Plan.

- Provide No Security Impact letter for each release.

- Develop, review, and maintain RMF documentation (SSP, PPSM, etc.).

- Perform at either Producer or Reviewer support roles within eMASS.

- Additional responsibilities as assigned by supervisor/management.

Physical Demands:

While performing duties of the job, incumbent will be exposed to normal demands associated with an office environment or home office environment. Ability to work on computer for long periods, and communicate with individuals by telephone, email, and face to face. This position requires incumbent to have the ability to stand, walk, sit, use hands to finger, handle or feel objects, tools, or controls, reach with hands and arms, talk, and hear. Employee must be able to lift and/or move up to 20 pounds. Specific vision abilities required by job include close vision, distance vision, color vision, peripheral vision, depth perception and the ability to adjust and focus.

Work Environment: The noise level in the work environment is usually low to moderate. Temperature level is maintained at a typical office level environment of around 70 degrees Fahrenheit.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c).

Apply Now