Security Analyst III
Location: Hill AFB, UT (ONSITE)
Pls. apply online at: www.command-cs.com/careers
Clearance Requirement: ****This position requires an Active Secret Clearance****
Employment Class: Full Time Regular.
FLSA Classification: Exempt - Salaried.
Position Summary:
Command Cyber Solutions (a federal government contractor) is seeking a qualified Security Analyst III who will provide complex ISSO support of Department of Defense (DoD) Risk Management Framework (RMF) support of the Hill Air Force Base (AFB) Enterprise Data Center (HEDC) project located at Hill AFB, Utah.
Essential Duties & Responsibilities:
- Support the RMF program for this location in compliance with current DoD industry regulations
- Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program
- Performs risk analysis and security audit services, developing analytical reports as required
- Conducts and/or supporting authorized penetration testing on enterprise network assets
- Analyzes site/enterprise DCO policies and configurations and evaluates compliance with regulations and enterprise directives
- Assists with the selection of cost-effective security controls to mitigate risk
- Assesses threats to the environment via penetration testing, risk assessments and other assessments
- Provides inputs on the adequacy of security designs and architectures
- Supports cybersecurity assessments and defensive operations.
- Provides support to security certification test and evaluation of assets, vulnerabilities
- Ensure the consistent application of policies and standards across all technology projects, products, systems, and services throughout program
- Maintain compliance standards of information systems and procedures
- Perform IT security risk assessments and present ways to minimize threats
- Monitor security vulnerabilities and hacking threats in network and host systems
- Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities
- Conduct real-time analysis of immediate threats, and triage during incidents
- Maintain a current understanding of system vulnerabilities, threats, and identification of risks to develop strategy and actionable plans to protect the customer
- Ensure compliance with the changing laws and applicable regulations
- Schedule periodic security audits
- Ensure cyber security policies and procedures are communicated to necessary personnel and compliance is enforced
- Brief the necessary stakeholders on status, emerging threats, and risks
- Other duties as assigned.
Education, Certification & Experience Requirements:
Required:
- Bachelor’s Degree in Business or IT related field or equivalent professional experience.
- Five (5) plus years of experience in DoD RMF in system engineering and/or design, design. assurance or testing for products and system computer networking technology.
- Working knowledge of tools to include but not limited to ACAS, ESS/HBSS.
- Must possess Active Secret security clearance.
- IAM II (ISSO Master Level) certification required.
Knowledge, Skills & Abilities:
Required:
- Demonstrated knowledge of DoD RMF procedures.
- Knowledge of DoD industry regulations and environment to include but not limited to DoD 8570.01-M and 8140, DoD 8510.01, DoD 8570.1, FISMA, FIPS 199, FIPS 200, NIST SP 800-30 Rev 1, NIST SP 800-35, NIST SP 800-37 Rev 2, NIST SP 800-39, RMF for DoD IT, NIPR, SIPRNET, NSANET and JWICS.
- Knowledge and understanding of DoD RMF A&A, ATOs, IAVA, STIGs, Cybersecurity MOA and MOU procedures and best practices.
- Must have excellent oral, verbal, written communication skills.
- Exceptional fundamental analytical and conceptual thinking skills.
- Competency at highest level of all phases of information systems.
Working Conditions/Working Environment/Physical Demands:
- Basic office work environment at government facility location.
- Work under the primary supervision of Project Manager.
- Hours of operation are M-F between 0800-1700.
- Occasionally, project requirements may require temporary adjustment of work hours/days.
- Duties are subject to change based on the needs of the customer.
Command Cyber Solutions is an equal opportunity employer and is committed to providing a workplace free from harassment and discrimination. We celebrate the unique differences of our employees because that is what drives curiosity, innovation, and the success of our business. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, gender identity or expression, age, marital status, veteran status, disability status, pregnancy, parental status, genetic information, political affiliation, or any other status protected by the laws or regulations in the locations where we operate. Accommodations are available for applicants with disabilities.
Job Types: Full-time, Contract.
Benefits:
- 401(k)
- Dental insurance
- Employee assistance program
- Flexible spending account
- Health insurance
- Health savings account
- Life insurance
- Paid time off
- Referral program
- Retirement plan
- Vision insurance
Schedule:
License/Certification:
Security clearance:
Work Location: One location.