Cyber Security Analyst II
The Mid-level Cyber Security Analyst is responsible for implementing security procedures and methods in accordance with DoD regulations and NIST 800-53 security controls. Works with systems administrators, management, and staff to identify and implement security plans for information systems in accordance with DISA STIG requirements and entry into eMASS. This position requires knowledge of domain structures, user authentication and authorization, encryption and digital signatures and network security. Candidate should also have the ability to evaluate security exposures and threats to determine the level of security necessary to protect the information system.
- Employ NIST 800-60 and FIPS 199 to categorize and assign system security controls.
- Experience with system security policies & documentation implementing RMF (NIST 800-53).
- Interpret and apply Federal and DoD laws and regulations.
- Respond to security incidents quickly and efficiently.
- Work independently.
- Communicate clearly and concisely, both orally and in writing.
- Develop and modify system security processes and artifacts
- Experience or performing risk assessments, audits and performing security planning, accreditation and policy development
- Experience performing vulnerability assessments and information security audits
- Familiarity with NIST 800 special publications, AR 25-2, FIPS 199 and other applicable DoD and federal security standards.
- An understanding of computing environments, including enterprise architecture, network and windows systems.
- An understanding of FEDRAMP and system cloud migration requirements
- Candidates must be permanent residents of the United States and will be required to undergo a background investigation in order to gain access to sensitive information.
- Secret clearance eligible
- Experience with DoD, ARMY and Federal Government
- Knowledge of Security infrastructure products like Nessus, ACAS, HBSS, McAfee ePolicy Orchestrator, McAfee Products, Cisco IDS/IPS, Cisco ASA
- Security+, CISA, GIAC, CAP or CISSP certification
Bachelor's Degree in Computer Science, Engineering, or other Engineering or Technical discipline or equivalent relevant experience.