Information Security Analyst
Overview Bowhead seeks an Information Security Analyst to support a Cybersecurity contract located in Norfolk, VA.
This contract is tasked with cybersecurity, systems security engineering, technical, and management support services to various program offices.
Specifically, this support will encompass Risk Management Framework (RMF) tasks, engineering activities, and recommendations for technical support for multiple projects and programs.
Responsibilities Efficiently managing the customer and internal resources to meet the established milestones and targeted completion dates Managing workload for team members to meet timelines Creating and submitting reports for various stakeholders Managing client expectations while ensuring customer satisfaction Ensuring the planning and execution of all RMF activities are aligned, integrated with, and supportive of the system ATO effort and RMF lifecycle.
Leading system engineers and software developers in working with cyber security assessors to obtain and maintain an Authority-to-Operate (ATO) Developing and maintaining a cybersecurity strategy for IT in accordance with DoD guidance, NIST RMF 800-53, and industry best practice.
Evaluating and recommending use of tools, guidelines, procedures, and development of project plans to offer prompt resolution options, patch management, version control and administrative systems expertise Interacting with Navy customers, other technical providers, and SMEs to include network services, software systems engineering, and/or applications development, and project leadership relating complex technical issues/solutions in a manner to establish a partnerships with Navy clients Improving the customers operating environment by providing expert support while also maintaining the cybersecurity/IA posture of systems/hardware managed/administered Supporting the development, revision, and finalization of IA documentation, including eMASS documentation and authority to operation (ATO) package preparation Developing, consulting, and implementing or facilitating the implementation of controls for the security of the system Identifying and managing remediation of identified security weaknesses Supporting determination or validation of system categorization and supporting related privacy assessment processes Scheduling and reviewing risk assessment scan results in eMASS and assisting or facilitating mitigation/acceptance Responsible for providing in-depth technical knowledge and support associated with IA and specifically RMF-related processes to include system categorization, security control selection, control implementation, control and posture assessment, system authorization, and continuous monitoring Tracking the corrective actions identified in corresponding system POA&M in order to provide visibility and status to all stakeholders and track expiration and compliance Other duties as assigned Qualifications Bachelor degree in Computer Science, Information Technology/Systems, engineering, or other relevant technical discipline is preferred Minimum of three (3) years of experience as an Information Security Analyst or related job experience Experience with RMF policies and procedures and related software tools (e.
g.
eMASS) Security
Certification Ability to communicate effectively with all levels of employees and outside contacts Strong interpersonal skills and good judgment with the ability to work alone or as part of a team Physical Demands:
o Must be able to lift up to 25 pounds o Must be able to stand and walk for prolonged amounts of time o Must be able to twist, bend, and squat periodically SECURITY CLEARANCE REQUIREMENTS:
Must currently hold a security clearance at the Secret level.
US Citizenship is a requirement for Secret clearance at this location.
#LI-MN1 Recommended Skills Administration Communication Computer Security Consulting Continuous Monitoring Customer Satisfaction Estimated Salary: $20 to $28 per hour based on qualifications.
This contract is tasked with cybersecurity, systems security engineering, technical, and management support services to various program offices.
Specifically, this support will encompass Risk Management Framework (RMF) tasks, engineering activities, and recommendations for technical support for multiple projects and programs.
Responsibilities Efficiently managing the customer and internal resources to meet the established milestones and targeted completion dates Managing workload for team members to meet timelines Creating and submitting reports for various stakeholders Managing client expectations while ensuring customer satisfaction Ensuring the planning and execution of all RMF activities are aligned, integrated with, and supportive of the system ATO effort and RMF lifecycle.
Leading system engineers and software developers in working with cyber security assessors to obtain and maintain an Authority-to-Operate (ATO) Developing and maintaining a cybersecurity strategy for IT in accordance with DoD guidance, NIST RMF 800-53, and industry best practice.
Evaluating and recommending use of tools, guidelines, procedures, and development of project plans to offer prompt resolution options, patch management, version control and administrative systems expertise Interacting with Navy customers, other technical providers, and SMEs to include network services, software systems engineering, and/or applications development, and project leadership relating complex technical issues/solutions in a manner to establish a partnerships with Navy clients Improving the customers operating environment by providing expert support while also maintaining the cybersecurity/IA posture of systems/hardware managed/administered Supporting the development, revision, and finalization of IA documentation, including eMASS documentation and authority to operation (ATO) package preparation Developing, consulting, and implementing or facilitating the implementation of controls for the security of the system Identifying and managing remediation of identified security weaknesses Supporting determination or validation of system categorization and supporting related privacy assessment processes Scheduling and reviewing risk assessment scan results in eMASS and assisting or facilitating mitigation/acceptance Responsible for providing in-depth technical knowledge and support associated with IA and specifically RMF-related processes to include system categorization, security control selection, control implementation, control and posture assessment, system authorization, and continuous monitoring Tracking the corrective actions identified in corresponding system POA&M in order to provide visibility and status to all stakeholders and track expiration and compliance Other duties as assigned Qualifications Bachelor degree in Computer Science, Information Technology/Systems, engineering, or other relevant technical discipline is preferred Minimum of three (3) years of experience as an Information Security Analyst or related job experience Experience with RMF policies and procedures and related software tools (e.
g.
eMASS) Security
Certification Ability to communicate effectively with all levels of employees and outside contacts Strong interpersonal skills and good judgment with the ability to work alone or as part of a team Physical Demands:
o Must be able to lift up to 25 pounds o Must be able to stand and walk for prolonged amounts of time o Must be able to twist, bend, and squat periodically SECURITY CLEARANCE REQUIREMENTS:
Must currently hold a security clearance at the Secret level.
US Citizenship is a requirement for Secret clearance at this location.
#LI-MN1 Recommended Skills Administration Communication Computer Security Consulting Continuous Monitoring Customer Satisfaction Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
