Information Security Analyst 2

Are you ready to apply cutting-edge technologies to solve real world problems? Do you thrive in an environment where people leverage technology and processes to build innovative and sustainable solutions?    You might just be a perfect fit for the CDO team.  Since 1995, CDO Technologies has delivered the best solutions for unique business problems in the commercial and federal sectors ranging from Asset Management to IT Services.  CDO employees demonstrate integrity, embrace teamwork, and embody a Can Do attitude in the delivery of superior customer service. 

Position Summary:

This position will be responsible for all aspects of informational security, at times focused on accreditation. Responsibilities include, but are not limited to participating in engineering and building enterprise solutions, architectural reviews, and assisting with the evaluation of proposed technical solutions for our customers.   Note:  This is a hybrid position, requiring 3 days per week on-site, on Randolph AFB, TX.

Job Responsibilities:

- Develop and sustain RMF A&A packages to maintain Authorization to Operate (ATO)

- Develop, complete, and process System Categorization Document and System Security Plans

- Validate and upload RMF documentation into the Enterprise Mission Assurance Support Service (eMASS)

- Assemble and coordinate system Plans and Procedures from the iAssure templates for all RMF families

- Process and submit Plans of Action and Milestones (POA&Ms)

- Ensure DISA STIGs/SRGs are implemented and enforced

- Perform Risk Analysis and Vulnerability Assessments

- Perform annual security reviews in accordance with FISMA reporting

- Review PPS, HW/SW listings, NSS checklists (all A&A artifacts)

Minimum Requirements:

- An active Secret Security Clearance is required

- Must hold a DoD 8570.01 IAT Level 2 certification, such as Security+ CE

- 2+ years of experience in support of cybersecurity for the purposes of RMF

- Experience developing and sustaining RMF A&A packages

Preferred Qualifications & Experience:

- Hands-on experience with associated DoD CyberSecurity tools (i.e., ACAS/NESSUS, STIGs, Cloud SRGs)

- Working knowledge of Cloud-based technologies and accreditations of various IaaS, PaaS, SaaS, etc.

- Experience in DevSecOps and conducting end-to-end security testing of Applications (Web, Mobile, other APIs)

- Experience with industry standard tools such as Fortify, Checkmarx, and practices for code reviews, static/dynamic code analysis, and vulnerability assessments

- Knowledge of OWASP Top 10, SANS 25, NVD, CVE, etc.

- Experience with code languages and frameworks (Java, C+, Apex, etc.)

- End-to-end experience with attaining system ATOs

What can a CDO employee expect?

At CDO Technologies, we believe in taking care of our employees with a comprehensive benefits package.  Our health and welfare benefits include two medical plan options along with a LiveHealth program to see a doctor online anytime day or night. CDO offers dental, vision, and a Flexible Spending Account for medical or childcare.  Employees may also enroll in a 401(k) plan with their first paycheck.  Full-time employees also receive company paid short- and long-term disability and life insurance.  We also provide tuition reimbursement, professional development, and certification reimbursements.  Finally, CDO also offers employees a generous leave program including paid holidays, vacation, and sick leave.

CDO is an equal opportunity employer.  All qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity, sexual orientation, national origin, disability, or veteran status.