Cloud Cybersecurity Analyst, Mid

Charlottesville, Virginia, United States
Nov 10, 2018
Dec 10, 2018
Full Time
Job Description Job Number: R0036979

Cloud Cybersecurity Analyst, Mid

Key Role:

Collaborate with stakeholders through an Agile process to ensure the design, implementation, and continued operations of continuous risk evaluation engines across multiple domains to enable more automated discovery, remediation and alerting of network and device vulnerabilities, as a means of improving the security posture of Cloud environments, while reducing manpower requirements. Develop Risk Management Framework (RMF) body of evidence artifacts, system security plans, and Cybersecurity concept of operations documents for amazon web services operating within Cloud environments in alignment with existing RMF accreditation packages. Support accreditation activities to achieve and maintain authority to operate (ATO) on multiple networks. Evaluate enhancements to Cloud environments against applicable RMF controls and security technical implementation guidance (STIG) requirements. Support eMASS or Xacta data import and configuration to enable achievement of the organization's assessment & authorization (A&A) objectives.

Basic Qualifications:

-5+ years of experience in securing computer systems, performing DoD accreditation activities, and writing security plans

-Experience with scripts, including bash to provide automated scanning or monitoring solutions

-Knowledge of DoD A&A processes, activities, standards, and available analytic tools

-Knowledge of terminology, processes, and regulations applicable to IT system assessment and authorization for the RMF

-Knowledge of secure IT architecture, computing hardware, and software

-Ability to work independently, as an integrated member of a project team

-Ability to adapt to evolving requirements and meet project deadlines

-Active TS/SCI clearance

-HS diploma or GED

-Meet DoD directive 8570 or 8140 series Certification requirements to serve as an IAT Level II or Information Assurance Manager Level II

Additional Qualifications:

-Experience with planning, implementing, monitoring, and managing continuous risk evaluation engines

-Experience in working with Cloud technologies, including Amazon Web Services (AWS) or Azure, and infrastructure as a service

-Experience with Red Hat Enterprise Linux (RHEL) or Windows system administration

-Experience with the U.S Army, DoD and intelligence community (IC) information assurance (IA), as an information systems security officer (ISSO) or information assurance manager (IAM)

-Experience in developing body of evidence artifacts for certification & accreditation (C&A) of systems, under frameworks including National Institute of Standards and Technology (NIST) Special Publication (SP) 800-Series, DoD RMF, and intelligence community directive (ICD) 503

-Experience with eMASS or Xacta tools

-Knowledge of terminology and federal regulations applicable to specification, development, acquisition, and maintenance of IT system


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

We're an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status—to fearlessly drive change.