Senior Cybersecurity Analyst (IMC00365)
Fort Shafter, HI
Dependent on qualifications
|Mandatory Job Requirements:||
|Applications Accepted By:||
Email: Michelle Might, Corporate Recruiter, firstname.lastname@example.org
Email Subject Line: Sr. Cybersecurity Analyst (00365)
The senior cyber security analyst is responsible for all areas of IT cybersecurity and will assist the USARPAC G61 (CSPMO) in managing the risk of operating a network including the Command Cyber Readiness Inspection (CCRI), Organizational Inspection Program, foreign engagements, exercise support, and Certification and Accreditation (C&A) support and tracking using RMF. the senior cyber security analyst will work with other team personnel to ensure they remain on task and assist where needed.
Duties and responsibilities: The candidate duties will include, but are not limited to, the following tasks:
- Oversight and accountability of day-to-day security operations of cybersecurity tasks.
- Develop and maintain compliant security architecture by implementing current policies, procedures, and standards to provide a layered approach to cybersecurity.
- Evaluate policies against applicable standards for regulatory compliance.
- Physical, personnel, facility, information systems, through policies and controls IAW Army Regulations, Department of Defense (DoD) Directives and Instructions.
- Manage information security risks and report findings to the Government.
- Work with system owners to maintain current Authorities to Operate in a manner compliant with Federal Information Security Management Act (FISMA), DoD Risk Management Framework (RMF), and National Institute of Standards and Technology (NIST) guidance.
- Support foreign engagements by developing and presenting cybersecurity topics and develop and build relationships with foreign partners.
- Support cybersecurity requirements during Army and Joint exercises.
The senior cyber security analyst will:
- Attend technical meetings as requested by the Govt. Cybersecurity Program Manager providing comment and recommendations were required.
- Assist in the review and drafting of policy, SOPs, and directives as required.
- Ensure appropriate Secure Technical Implementation Guidelines (STIG) are maintained through monthly Plans of Action & Milestones (POA&M) review.
- Review POA&Ms for currency and mitigations to identified vulnerabilities.
- Provide recommendations on cyber security perspectives for proposed changes, initiatives, and projects.
- Review change requests, system connection requests, and requests for exception to policy to DODIN-AP networks. Determine associated risk and draft Memorandums for Record for all requests with recommendation to the Authorizing Official via CSPMO review.
- Validate assets are in compliance with Army Gold Master configuration, DISA STIG compliant, and meet all requirements of the Change Request process prior to recommending connection to the DODIN-AP network.
- Review all change requests for completeness, accuracy, and residual risk prior to providing approval Memorandum for Request to the Cybersecurity SME.
The senior cyber security analyst will support C&A activities including:
- Ensure the Network Enterprise Centers and USARPAC controlled assets comply with eMASS and AO direction for all connections to the DODIN-AP NIPR and SIPR in support of their Authority to Connect (ATC) and Authority to Operate (ATO).
The senior cyber security analyst will support the CCRI and OIP processes including:
- Provide support to the CCRI assessment team during scheduled and unscheduled inspections.
- As a command team member for the Site Assist Visit (pre-CCRI inspection), ensure Network Enterprise Command’s (NECs) and Regional Cyber Center (RCCs) are in compliance with all applicable CCRI requirements (e.g. Technical, CND Directives, Contributing Factors, etc.). Report status, findings, and results.
- Support post-CCRI finding remediation. Assist with the planning, execution, and documentation of CCRI finding remediation activities.
- Provide support to the Organizational Inspection Program (OIP) prior to, during and following all OIP inspections.
- Evaluate Command personnel during all OIP inspections. Document all findings; teach and train personnel on how to correct findings and provide recommendations to preclude recurrence of findings.
The senior cyber security analyst will also provide:
- Support for foreign engagements:
- Assist in developing a 5-year cybersecurity plan for specific country engagements.
- Develop and present topics in conjunction with the 5-year plan.
- Coordinate country visits using SMEs from various sources based on agreed upon topics.
- Develop and build relationships with foreign partners to ensure continued success.
- Cybersecurity support for exercises:
- Review, analyze, and recommend connections for Authorizing Official (AO) approval.
- Work with exercise participants to develop proper documentation for presenting to the AO.
- Participating in pre-exercise meetings as directed by the government.
Required Skills: Note: These are mandatory items that all candidates must have when making application to IMC for this position. Please ensure that your submission addresses each of these requirement items. Candidates without these required elements will not be considered.
- At start date, must possess current IAM Level III Certification – one or more of the following current certifications in ACTIVE status are acceptable.
- GSLC – GIAC Security Leadership Certification
- CISM – Certified Information Security Manager
- CISSP – Certified Information Systems Security Professional (or Associate)
- 7+ years of cybersecurity experience, preferably working directly with the Army.
- 5+ years of knowledge of DoD and Army cybersecurity policy.
- Strong interpersonal and relationship building skills.
- Strong writing skills and experience addressing senior executive leaders.
- Ability to evaluate data to quickly identify problems, issues and gaps.
- Pursuant to a government contract, this specific position requires U.S. Citizenship.
- All applicants must have current DoD Top Secret clearance eligibility day one and prior to entry on duty with the ability to pass an SSBI background investigation to up-scope their clearance to Top Secret/SCI.
Desired Qualifications and Skills: It is desirable that the candidate has the following qualifications:
- Capable of conducting technical research on cybersecurity issues and products and producing a whitepaper for leadership review.
- Experience working with the Mission Partner Environment (MPE).
- A relevant educational degree in one of the follow fields: Computer Science, Information Systems, Information Technology, Cyber Security, Statistics, Business Administration, Systems Engineering, Computation Science, Computer Engineering, Electrical Engineering, Data Analytics, Information Technology, Information Security and Assurance, Mathematics, Software Engineering, Systems Engineering, or Telecommunications.
Innovative Management Concepts, Inc. (IMC), a Service-Disabled, Veteran-Owned Small Business, provides a broad range of information technology services to government and commercial clients. Since its founding in 1989, IMC has offered solutions and expertise in: IT operations and maintenance, cyber security, systems and network engineering and support services, cloud/hosting services, software engineering and development, website services, software quality assurance and testing (including IV&V), and project management. IMC is certified in International Organization for Standardization (ISO) 9001:2015 Quality Management, ISO 27000:2013 Information Security Management System, and ISO 20000-1:2011 Information Technology Service Management. Find out more about IMC at www.imcva.com.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law.