Über
Position Overview The Cyber Security Analyst IV provides advanced cybersecurity engineering, RMF compliance, vulnerability management, continuous monitoring, and audit readiness support for Air Force Financial Management systems and enterprise infrastructure environments. This position supports the implementation and sustainment of Risk Management Framework (RMF) activities in accordance with DoDI 8510.01, NIST SP 800-53 Rev 5, DISA STIG requirements, and Air Force cybersecurity policies and enterprise security controls. The Analyst works closely with ISSMs, ISSOs, System Administrators, Database Administrators, Configuration Managers, and Government stakeholders to maintain compliant, secure, and operational systems across the enterprise environment. Essential Duties & Responsibilities Support the full RMF lifecycle for assigned systems and applications. Develop, maintain, and update RMF documentation including: System Security Plans (SSPs) Risk Assessment Reports (RARs) Security Control Traceability Matrices (SCTMs) Plans of Action & Milestones (POA&Ms) Continuous Monitoring documentation Authorization and accreditation artifacts Maintain and manage cybersecurity packages within eMASS and related RMF tracking systems. Conduct vulnerability assessments using approved enterprise vulnerability management tools. Analyze vulnerability scan results and coordinate remediation activities with system administrators and engineering teams. Support DISA STIG implementation, validation, and compliance efforts. Assist with ACAS/Nessus vulnerability scanning activities and remediation tracking. Review security event logs, audit logs, and security alerts for anomalous or suspicious activity. Support cybersecurity incident analysis, reporting, documentation, and coordination activities in accordance with established procedures. Support continuous monitoring initiatives and cybersecurity compliance reporting. Assist with cybersecurity inspections, audits, CCRI preparation, and remediation activities. Coordinate cybersecurity requirements with government stakeholders, engineers, and support teams. Support secure system configuration management and baseline compliance activities. Develop cybersecurity status reports, risk summaries, and compliance documentation for leadership review. Assist with implementation and validation of security controls in accordance with RMF requirements. Utilize scripting and automation tools where appropriate to support compliance validation, reporting, and remediation tracking. Required Technical Skills RMF / Compliance: Risk Management Framework (RMF) NIST SP 800-53 Rev 5 DoDI 8510.01 DISA STIG implementation and validation Continuous Monitoring (ConMon) POA&M management Security control assessment support Audit and compliance reporting
Security & Vulnerability Management Tools: eMASS ACAS/Nessus Tenable.io Qualys Splunk QRadar SolarWinds SEM
Endpoint & Infrastructure Security: Trellix/HBSS CrowdStrike Falcon Microsoft Defender McAfee Endpoint Security
Operating Systems & Enterprise Platforms: Windows Server Linux VMware Citrix Active Directory Azure Active Directory DB2 IBM WebSphere
Scripting / Automation: Experience with one or more of PowerShell, Python, Bash. Minimum Qualifications Bachelor’s degree in Cybersecurity, Information Assurance, Information Technology, Computer Science, Engineering, or related field. Equivalent combination of education, military training, certifications, and directly related experience may be considered. 7–10+ years of cybersecurity or information assurance experience. 5+ years supporting DoD, Air Force, or federal information systems. Hands‑on experience supporting RMF and eMASS activities. Experience supporting vulnerability management and cybersecurity compliance initiatives. Experience interpreting and implementing DoD and Air Force cybersecurity policies. Strong written and verbal communication skills. Ability to work collaboratively within enterprise government environments. Preferred Certifications CGRC (formerly CAP) CISSP CASP+ Security+ CISM GCIH GCIA Preferred Experience Experience supporting Air Force enterprise environments. Experience supporting AFFSO or Financial Management systems. Experience supporting CCRI inspections. Experience with enterprise cybersecurity compliance reporting. Experience working within classified or controlled government environments. We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status. We are committed to fostering a diverse, inclusive, and welcoming workplace.
#J-18808-Ljbffr
Sprachkenntnisse
- English
Hinweis für Nutzer
Dieses Stellenangebot stammt von einer Partnerplattform von TieTalent. Klick auf „Jetzt Bewerben”, um deine Bewerbung direkt auf deren Website einzureichen.