SOSi

Senior Information Technology Security Analyst

Job Locations US-AZ-Fort Huachuca
Job Post Information* : Posted Date 5 months ago(3/18/2022 4:00 PM)
ID
2022-5772
Location : Location
US-AZ-Fort Huachuca
Potential for Remote
No
Clearance Requirement
Secret
Job Requires Relocation
Yes
Job Requires Relocation
Yes

Overview

SOS International LLC (SOSi), is currently seeking a Senior Information Technology Security Analyst in Ft. Huachuca, AZ. The Senior Information Technology Security Analyst reports to the Cybersecurity Team Lead and is responsible for maintaining accreditation documentation for all RCC-C owned systems and circuits as well as maintaining the RCC-C's evidence for CSSP compliance.

Responsibilities

  • Create and maintain accreditation documentation for all systems and record artifacts in eMASS.
  • Create, validate, and maintain compliant CSSP accreditation documentation as required by DoDI 8530.1 and DoD O-8530.1-M.
  • Coordinate with ARCYBER for upcoming inspections or areas of concern.
  • Provide technical writing support for operations documents, SOPs, technical instructions, testing results, playbooks, diagrams, and briefing materials.
  • Ensure AARs are conducted, and lessons learned are incorporated into existing plans and documents.
  • Support CSSP inspection activity.
  • Complete weekly, monthly, and annual reporting requirements.
  • Serve as a focal point of contact for the RMF/A&A team and the customer/organization.
  • Provide advice on Information Assurance, physical security, disaster recovery, incident response, business continuity, contingency planning and data backup systems.
  • Manage recurring reviews, internal security audits and vulnerability and threat assessments, and activates mitigation workflows in support of RMF / Continuous Monitoring.
  • Assess current technology architecture for vulnerabilities/weaknesses and recommends opportunities for improvement.
  • Provide Certification and Accreditation (C&A) support in the development of security and contingency plans by conducting risk and vulnerability assessments.
  • Identify and propose plans to minimize risk across organization networks, based on risk and vulnerability assessments.
  • Assist with the continuous monitoring of RMF packages within eMASS (POA&Ms, Test Results, Risk Assessments, etc.).
  • Advise technical teams on valid Exceptions to Policy, document any security deficiencies, and track and maintain Body of Evidence in support of system risk posture.
  • Ensure enterprise security posture is correctly communicated to the Authorization Official (AO) and actively work with technical teams to minimize risk across all managed networks.
  • Evaluate IS for compliance in accordance with Risk Management Framework (RMF) 800-53 Controls, Special Directives, and other regulatory guidance.
  • Use the 800 Series NIST Special Publications as reference for C&A, system security plans, risk assessment, and other security requirements.
  • Create, edit, and review organization and team level documentation for clarity and accuracy and assist with development of security related TTPs, SOPs, processes, plans, or diagrams.
  • Follow ITIL best practices to manage tickets and processes.
  • Develop and/or maintain SOPs, TTPs, and SmartBooks associated with current knowledge of relevant technologies as assigned.
  • Provide guidance and work leadership and structure to less-experienced personnel.
  • Maintain current knowledge of relevant technologies and recommends improvements based on industry trends.
  • Provide timely notification to the Government for any critical or high incidents impacting critical systems and services.
  • Provide on-call support after business hours and during weekends when required.
  • Participate in special projects as required.
  • Collaborate with GTMs, Branch Chiefs, Division Chiefs and RCC-C Leadership

Qualifications

  • Active in scope SECRET clearance or the ability to obtain Interim SECRET eligibility
  • HS +12 years of IT/Cyber experience or AA/AS +10 or BA/BS +8
  • An IAT II certification (CCNA-Security, CND, CySA+, GICSP, GSEC, Security+ CE, or SSCP) is required
  • Knowledge of network specific DISA Security Technical Implementation Guides and checklists

Preferred Qualifications

  • ITIL Foundation Certification
  • Possess exceptional communication and interpersonal skills
  • Knowledge of eMASS
  • Experience performing IA audits within a DoD organization
  • Experience with Risk Management Framework (RMF)
  • Fluency in a foreign language is desirable, but not required

Working Conditions

  • Working conditions are normal for an office environment.
  • Fast paced, deadline-oriented environment.
  • May require periods of non-traditional working hours including consecutive nights or weekends (if applicable)

 

SOSi is an equal employment opportunity employer and affirmative action employer. All interested individuals will receive consideration and will not be discriminated against on the basis of race, color, religion, sex, national origin, disability, age, sexual orientation, gender identity, genetic information, or protected veteran status. SOSi takes affirmative action in support of its policy to advance diversity and inclusion of individuals who are minorities, women, protected veterans, and individuals with disabilities.


Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed