Cloud Information Security Analyst
SAIC
- York, Pennsylvania, United States
- York, Pennsylvania, United States
À propos
The successful candidate will be responsible for working on high-visibility or mission-critical aspects of a given program and performing all functional duties with some oversight.
This position is Monday through Friday, normal business hours. However, employees may be required to provide after-hours and weekend support during planned or emergency events.
Additional Responsibilities
Develop and coordinate all authorization documentation associated including the Systems Categorization, Systems Security Plan, and Systems risk assessment.
Support the control assessment, reporting and monitoring processes using the Cyber Security and Assessment Management (CSAM) system.
Create and maintain all minor/major modification documentation.
Maintain all waivers and risk assessment for the ISSMs.
Assist the ISSMs with decisions that affect security of their systems and networks.
Facilitate preparations for all Contingency/Incident response assessments.
Perform and document risk assessments, analyzing security vulnerabilities, and the metrics to measure the risks associated with those vulnerabilities.
Design and develop comprehensive Systems Security Plan, covering at a high level the infrastructure, policies and procedures which define the systems security profile for the enclave systems.
Review and validate System Test and Evaluation (ST&E) and Interim Authority to Test (IATT) reviews for new and/or legacy systems.
Review and conduct NIST-based Self Assessments, identifying any weaknesses which need to be addressed, and developing a POA&M for each of those weaknesses based on industry best practices. Requesting risk acceptance for vulnerabilities that cannot be remediated or mitigated.
Based on the risk profile, create and track Plan of Action and Milestones (POA&M) for mitigation of risks identified via the ACAS and STIG processes.
Design and develop Initial Privacy Assessment (IPA) and Privacy Impact Assessments (PIAs) for each major Federal Government IT Systems. Developing and conducting System Test and Evaluations (ST&Es) and Independent Verification and Validation (IV&Vs) of the security profiles of Federal Government IT Systems.
Utilize the eMass tool to manage the security profile for the system.
Utilize the PPSM tool and processes to register ports protocols and services in use by the enclaves.
Qualifications Required Education and Experience
5+ Years with BS 3+ Years with MS 0 Years with PhD.
DoD Secret clearance or higher.
Must have at least one of the following IAT Level II certifications: Security+, CECCNA‑Security, CySA+, GICSP, GSEC, CND, SSCP.
Must have at least one Computing Environment (CE) certification or certificate for the technical area of responsibility for Network support/defense (e.g., Splunk, Cisco, McAfee, etc.) or Operating System (e.g., Microsoft, Linux, Solaris, AWS Cloud Practitioner, AWS Solutions Architect, etc.).
Familiarity with AWS cloud concepts and services.
Familiarity with DevOps practices in an agile environment.
Desired Qualifications
MA/MS.
ITIL Foundations (v4 or higher) certification.
One of the IAM Level II certifications CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO, HCISPP.
Salary Target salary range: $80,001 - $120,000.
Location & Clearance Scott Air Force Base, IL, US. Minimum clearance required: Secret; must be able to obtain Secret clearance.
Schedule Full-Time Day Job (no travel required). Potential for remote work: ORA_ON_SITE.
#J-18808-Ljbffr
Compétences linguistiques
- English
Avis aux utilisateurs
Cette offre provient d’une plateforme partenaire de TieTalent. Cliquez sur « Postuler maintenant » pour soumettre votre candidature directement sur leur site.