Principal Information Security Analyst
- Full Time
Performs all procedures necessary to ensure the security of information system (IS) assets and to protect the data contained within or processed through them from intentional or inadvertent access or destruction.

SPECIFIC DUTIES & RESPONSIBILITIES:
- Creates, submits, and validates Assess & Authorize (A&A) packages in accordance with DIACAP/RMF (DoDI 8510.01).
- Creates, submits, and validates Platform IT (PIT) Assess & Authorize (A&A) packages in accordance with NAVSEAINST 9400.2.
- Maintains compliance with Federal, DoD and DoN Cybersecurity policies. Incumbent utilizes extensive knowledge of all areas of cybersecurity to establish operating standards and procedures for the Cybersecurity Program.
- Reviews risk analysis and accreditation documentation for timeliness, completeness and accuracy, and ensures that all necessary materials are submitted for review.
- Conducts threat and vulnerability analysis to assess and determine effective countermeasures or mitigations that minimize risks and ensure the IS is operational and secure.
- Knowledge of DoDI 8500.2 Information Assurance Control (IAC) and NIST 800-53 Security Control implementation and validation, from a systems engineering perspective, as applied to DoD IS.
- Knowledge of Operating System hardening and remediation IAW the DISA Security Technical Implementation Guides (STIGs).
- Experience with Assured Compliance Assessment Solution (ACAS) (Nessus), SCAP Compliance Checker (SCC), and the DISA STIG Viewer.
- Familiarity with Enterprise Mission Assurance Support Service (eMASS) and associated business rules for completing C&A/A&A packages.
- Experience with Microsoft Windows and UNIX (Linux) operating systems.
- Knowledge of work planning and resource estimation techniques sufficient to develop milestones and estimate completion dates.
- Experience with MS Office applications including Word, Excel, PowerPoint, and Visio.