Cloud Cybersecurity Analyst
Cloud Cybersecurity Analyst
Collaborate with stakeholders through an Agile process to ensure of the design, implementation, and continuous monitoring solutions across multiple domains to enable more automated discovery, remediation, and alerting of network and device vulnerabilities, as a means of improving the security posture of Cloud environments, while reducing manpower requirements. Develop Risk Management Framework (RMF) Body of Evidence artifacts, including system security plans and Cybersecurity concept of operations documents for Amazon Web Services operating within Cloud environments in alignment with existing RMF accreditation packages. Support accreditation activities to achieve and maintain Authority to Operate (ATO) on multiple networks. Evaluate enhancements to Cloud environments against applicable Risk Management Framework (RMF) controls and DoD Security Technical Implementation Guidance (STIG) requirements. Support eMASS or Xacta data import and configuration to enable achievement of the organization's Assessment and Authorization (A&A) objectives.
-5+ years of experience with securing computer systems, performing DoD accreditation activities, and writing security plans
-Experience with using scripts, including Bash to provide automated scanning or monitoring solutions
-Knowledge of DoD A&A processes, activities, standards, and available analytic tools
-Knowledge of terminology, processes, and regulations applicable to IT system assessment and authorization for the Risk Management Framework (RMF)
-Knowledge of secure IT architecture, computing hardware, and software
-Ability to work independently and as an integrated member of a project team
-Ability to adapt to evolving requirements and deliver to project deadlines
-Active TS/SCI clearance
-BA or BS degree
-Department of Defense Directive 8570 or 8140 Series Certification requirements to serve as an IAT Level II or Information Assurance Manager Level II
-Experience with planning, implementing, monitoring, and managing continuous monitoring solutions
-Experience in working with Cloud technologies, including Amazon Web Services (AWS) or Azure, particularly Infrastructure as a Service
-Experience with Red Hat Enterprise Linux (RHEL) or Windows system administration
-Experience with the US Army, DoD, or IC Information Assurance (IA), including Information Systems Security Officer (ISSO) or Information Assurance Manager (IAM) roles preferred
-Experience with developing Body of Evidence artifacts for Certification and Accreditation (C&A) of systems under frameworks, including National Institute of Standards and Technology (NIST) Special Publication (SP) 800-Series, DoD Risk Management Framework (RMF), and Intelligence Community Directive (ICD) 503
-Experience with eMASS or Xacta tools
-Knowledge of terminology and federal regulations applicable to specification, development, acquisition, and maintenance of IT systems
-Possession of excellent oral and written communication skills
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.
We're an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.