Cyber Security Analyst

TACG is seeking a Cybersecurity Analyst to assist and support in analysis, identification, and documentation of security requirements for existing and emerging system capabilities. The CA will help provide oversight, policy, and procedure development, as well as related functions in compliance with Information Assurance requirements.  The position is assisting in implementing, operating, and managing security requirements, both technical and administrative, on classified systems and unclassified systems.

This will be a hybrid schedule with one day a week working in Kettering, OH. 

Responsibilities (include but are not limited to):

• Coordinates, develops, and evaluates security programs for an organization.
• Recommends information assurance/security solutions to support Risk Management Framework (RMF) requirements.
• Develops NIST-/FISMA-related Assessment and Authorization (A&A)/RMF documentation for systems and networks undergoing certification and validate the quality of deliverables produced by the team.
• Assesses risks, identifies mitigation requirements, and develops accreditation recommendations.
• Tracks RMF requirements for assigned systems within the agency, validates that tasks are on schedule, and ensures the delivery of quality documentation.
• Prepares the System Security Plan (SSP) and Security Assessment Plan (SAP).
• Reviews and edits security artifacts as assigned to ensure compliance with RMF and FISMA.
• Assists in the creation of RMF packages with the responsibility for gathering information from system owners, applies data to the appropriate templates, and attends meetings in support of the effort.
• Determines applicable enterprise information assurance and security standards.
• Develops and implements information assurance/security standards, policies, strategies, plans, and procedures.
• Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.
• Performs vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.
• Maintains and monitors Authorization to Operate (ATO) package, including required documentation, artifacts, control test results, and Plan of Action and Milestones (POA&M).
• Assists in Continuous Monitoring efforts for the program and evaluates related artifacts.
• Analyzes vulnerability scans, source code scans, and compliance checklists.
• Evaluates vendor documentation, artifacts, and control test results.

Requirements:

• Clearance:
• Secret

• Education:
• Must possess a 4-year degree or equivalent work experience that may be substituted.

• Experience:
• Experience in developing and implementing Information Assurance plans for a new information system development effort.
• CISSP, Security , SANS, ISC2, or other relevant certification required.
• Strong understanding and demonstrated experience applying a risk-based approach to information security and IT assessments.
• Excellent organizational skills.
• Ability to prioritize duties based on shifting demands.
• Strong analytical and problem-solving skills.
• Proficient in the English language for communication and creating documents.
• Excellent verbal and written communication skills.
• Excellent problem-solving skills and strong attention to detail.
• Ability to work effectively in a rapidly changing, team-based environment.
• Excellent communication and collaboration skills with business and technical communities.
• Proficient in Microsoft Office suite.
• Proficient in Enterprise Mission Assurance Support Service.
• 7-9 years of work experience
• 5-7 years of those years working with the DoD or Air Force community