Overview
Bowhead seeks an Information Security Analyst to support our customer in Virginia Beach, VA. The Information Security Analyst will provide cybersecurity, systems security engineering, technical, and management support services to various program offices. Specifically, this support will encompass Risk Management Framework (RMF) tasks, engineering activities, and recommendations for technical support for multiple projects and programs.
Responsibilities
- Efficiently managing the customer and internal resources to meet the established milestones and targeted completion dates
- Managing workload for team members to meet timelines
- Creating and submitting reports for various stakeholders
- Managing client expectations while ensuring customer satisfaction
- Ensuring the planning and execution of all RMF activities are aligned, integrated with, and supportive of the system ATO effort and RMF lifecycle.
- Leading system engineers and software developers in working with cyber security assessors to obtain and maintain an Authority-to-Operate (ATO)
- Developing and maintaining a cybersecurity strategy for IT in accordance with DoD guidance, NIST RMF 800-53, and industry best practice.
- Evaluating and recommending use of tools, guidelines, procedures, and development of project plans to offer prompt resolution options, patch management, version control and administrative systems expertise
- Interacting with Navy customers, other technical providers, and SMEs to include network services, software systems engineering, and/or applications development, and project leadership relating complex technical issues/solutions in a manner to establish a partnerships with Navy clients
- Improving the customers operating environment by providing expert support while also maintaining the cybersecurity/IA posture of systems/hardware managed/administered
- Supporting the development, revision, and finalization of IA documentation, including eMASS documentation and authority to operation (ATO) package preparation
- Developing, consulting, and implementing or facilitating the implementation of controls for the security of the system
- Identifying and managing remediation of identified security weaknesses
- Supporting determination or validation of system categorization and supporting related privacy assessment processes
- Scheduling and reviewing risk assessment scan results in eMASS and assisting or facilitating mitigation/acceptance
- Responsible for providing in-depth technical knowledge and support associated with IA and specifically RMF-related processes to include system categorization, security control selection, control implementation, control and posture assessment, system authorization, and continuous monitoring
- Tracking the corrective actions identified in corresponding system POA&M in order to provide visibility and status to all stakeholders and track expiration and compliance
- Other duties as assigned
Qualifications
- Bachelor degree in Computer Science, Information Technology/Systems, engineering, business or other relevant technical discipline is preferred
- Minimum of ten (10) years of experience as an Information Security Analyst or related job experience
- Experience with RMF policies and procedures and related software tools (e.g. eMASS)
- Security Certification
- Ability to communicate effectively with all levels of employees and outside contacts
- Strong interpersonal skills and good judgment with the ability to work alone or as part of a team
Physical Demands: • Must be able to lift up to 25 pounds • Must be able to stand and walk for prolonged amounts of time• Must be able to twist, bend, and squat periodically
SECURITY CLEARANCE REQUIREMENTS: Must be able to obtain and maintain a security clearance at the Secret level. Candidates with a Secret (or higher) clearance are preferred. US Citizenship is a requirement for Secret clearance at this location.
#LI-MN1