Title: Cybersecurity Compliance Analyst III

Location: Colorado Springs, CO

Clearance: TS/SCI with the ability to obtain and maintain a CI polygraph

Job Details:

• Perform impact/risk assessments on identified technologies for vulnerability scanning of networks
• Provide expert guidance and direction on complex problems sets within the technology area of networking
• Develop and deliver presentations, guides, or check lists of networking concepts and protocols, and network security methodologies
• Maintain responsibility for checklist and Tactics, Techniques and Procedures (TTPs) for respective technical areas
• Provide support for briefings, white papers, executive summaries, or other JCIP tools as required
• Provide advice on application of network security architecture concepts including topologies, protocols, components, and principles
• Complete STIG checklists, run Secure Content Automation Protocol (SCAP) scans
• Use DoD STIG and STIG Viewer tool to record all non-scan technology inspection results; upload STIG inspection exports and/or DoD ACAS vulnerability scan results to central portals or data repositories
• Coordinate with other team members to conduct scans and leverage site documentation to complete their respective checklists
• Analyze vulnerabilities discovered through conducting reviews to develop vignettes on potential exploitation scenarios
• Document results articulating impacts to an organization in the event an organization's cyber domain becomes unavailable
• Provide support for management and maintenance of JCAP Security Documentation to include JCAP program baseline that defines the backside enclave(s) to each JWICS node in terms of connectivity and security robustness
• Provide review and progress reports of all Plan of Action and Milestones (POA&M)
• Provide regional/associated sites and site-specific assessment support, coordinated with A&A and local ISSM staffs
• Provide weekly metrics and reports of customer service activities
• Conduct daily review of government provisioned ticketing system for required response to incidents, events, actions, and requirements. Provide management of assigned actions in accordance with agency prescribed timelines
• Provide IA Exercise Support and as well as support for International Systems
• Execute the system and site Risk Management Framework program in the region/AOR as outlined by CIO issuances
• Support the establishment of end to end IA processes and procedures across CIO to streamline AO/DAO approvals and to establish IT security standards for region in accordance with current DOD and IC policy guidance
• Support the development and execution of a checklist for required system security controls validation in accordance with the system/site Continuous Monitoring Program (CMP)
• Develop key metrics for continuous monitoring of IA Ops functions which support FISMA reporting and compliance

Requirements:

• Bachelor's degree from an accredited institute in an area applicable to the position; an additional 4 years of experience be substituted in lieu of a degree
• Minimum six (6) years of relevant experience in addition to education level
• Must possess current DoD 8570 IAT II or IAM II certification
• Experience working in a DoD or IC environment desired
• Current active TS/SCI clearance, with the ability to obtain and maintain a CI polygraph

Equal Opportunity Employer/Veteran/Disabled