Previous Job
Previous
Cyber Security Analyst - Naval INFORMATION FORCES
Ref No.: 18-08000
Location: Norfolk, Virginia
Position Type:Full Time/Contract
Start Date: 09/04/2018

Job Description:
Please send me your resume
Role: Cyber Security Analyst
Location: Norfolk, VA
Duration: Full Time

CASP or CISSP or CISM certification (at least 1 cert is needed)

Experience in the following area:
· Must have a minimum 5 years of experience supporting A&A for Navy, Army or AirForce IT systems
· Must have experience working for eMASS
· Provide Cyber Security Analysis, Security Controls and Validation Support
· Provide technical analysis of RMF artifacts and authorization documentation to inform authorization decisions for EDCSS.
· Support monitoring and tracking execution of POA&M which identifies and monitors corrective action for weaknesses and deficiencies found during security assessment.
· Perform all required cybersecurity analyst (CSA) RMF process steps for EDCSS, to include: Categorize System, Select Security Controls, Implement Security Controls, and Assess Security Controls.
· Ensure ECCSS RMF process steps are followed and adhered to by RMF stakeholders for EDCSS.
· Establish and/or provide Subject Matter Expert (SME) guidance to RMF stakeholders on RMF processes and procedures for EDCSS.
· Ensure authorization decisions are supported by sufficient documentation and accurate risk assessments.
· Ensure EDCSS authorization and compliance with higher level policy as defined by DoD/DON policy.
· Assess approved technical and non-technical security features of EDCSS to address known threats and vulnerabilities. The assessment must consider and identify impacts as well as consideration of existing risk mitigation strategies.
· Act as an independent and impartial assessor to determine and certify aggregate cybersecurity risk for recommendations for EDCSS.
· Participate in Checkpoints (Risk Management Framework Process Guide, Version 2.0, 4 August 2017) and provide recommendations for the SAP, ensuring all appropriate security controls will be assessed for compliance.
· Provide quality assurance of an RMF SAP related to cybersecurity risk for EDCSS.
· Perform Security Review for EDCSS.
· Perform IT Contingency Plan Testing for EDCSS.
· Conduct Privacy Impact Assessment (PIA) for EDCSS.
· Perform all required and approved Validator RMF process steps for EDCSS within eMASS.
· Perform a complete security control validation and assessment of technical and non-technical security features of EDCSS to address known threats and vulnerabilities. The evaluation must consider and identify impacts as well as consideration of existing risk migration strategies.
· Prepare a Security Assessment Report (SAR) for EDCSS describing the results of the security control assessment, providing risk assessment at the control-level, and including recommendations for correcting any weaknesses or deficiencies in the controls.
· Support updates of the Risk Assessment Report (RAR) and POA&M based on the assessment results for EDCSS.
· Ensure traceability of all vulnerabilities for EDCSS from raw assessment results to the POA&M.
· Perform required vulnerability analysis to support mitigation and residual risk determination for EDCSS.
· Prepare the SAR Executive Summary, with all assessment results, for review, certification, and signature.