Cyber Security Analyst

-Provide technical assistance in RMF Assessment & Authorization (A&A) processes, analysis and reporting requirements in the area of cybersecurity, computer network defense (CND) and inventory management for the CCAD computing and network environments.

-Support the DoD Host-based Security Solution (HBSS) on-site maintaining policy compliance IAW DoD policies.

-Respond to and support all IT projects and efforts effecting network operations such as: deployments, DISA STIG compliance, desktop data encryption deployment, and vulnerability scanning.

-Provide technical support to the ISSO in developing and maintaining an effective Vulnerability Management program, performing risk analysis and supporting remediation and mitigation of detected vulnerabilities.

-Directly participate in activities traditionally associated with the DoD Information Assurance Vulnerability Management (IAVM) program.

-Be responsible for the use of and access to all approved DoD tools used to assess, validate and/or mitigate security vulnerabilities as well as test, mitigate and document software and hardware mitigation strategies in support of the DoD Risk Management Framework or other cybersecurity efforts.

-Use the Risk Management Framework (RMF) methodology to successfully implement a process to assess the security risk of all CCAD information systems, enclaves, and other computing and networking devices.

-Directly participate in IAVM program by utilizing tools such as Assured Compliance Assessment Solution (ACAS) to scan systems for vulnerabilities and analyze for trends.

-Perform automated and manual Security Technical Implementation Guides (STIG) scans of applicable systems and analyze for misconfigurations and trends.

-Assist with the review and completion of Assessment and Authorization (A&A) documentation required in the DoD Enterprise Mission Assurance Support Service (eMASS) that would be required to obtain AMC Authorizing Official (AO) favorable decision to issue an Authorization To Operate (ATO) as well as any activities and actions IAW DoD governance processes and procedures.

-Provide RMF recommendations, guidance, mitigation strategies, risk assessments, and assist with the preparation and delivery of artifacts, documentation, risk/security assessments, and track/monitor status using DoD Enterprise Mission Assurance Support Service (eMASS) system.

-Assist in developing Plans of Actions and Milestones (POA&Ms) documentation for systems within the CCAD Enclave.

-Assist with management of a local library of all documents, SOP, drawings and other artifacts which support all RMF efforts ensuring such artifacts are reviewed and updated and a provide monthly status reports submitted to the ISSM for review and acceptance.

-Perform Security Configuration Management support including research and development of applicable baselines, configuration scanning, and notification to owner and personnel accountable, tracking remediation, reporting and validation.

Security Clearance: SECRET, Interim SECRET required to begin work.