Apply on Employer Site

Agile Defense · 7 hours ago

Cyber Security Specialist

Fort Huachuca, AZ

Full-time

Onsite

Mid, Senior Level

4+ years exp

Agile Defense is committed to providing adaptive innovation to support vital national missions. The Cyber Security Specialist will perform cybersecurity tasks to safeguard systems and information assets, manage information systems security, and enforce security capabilities for networks and systems.

Information ServicesInformation TechnologySoftware

Growth Opportunities

No H1B

Security Clearance Required

Responsibilities

Support the JITC’s Authorization to Operate (ATO) by providing focused input into the systems that document JITC authorization efforts

Collect, investigate, monitor, update, review and catalog documentation

Documentation includes but is not limited to drawings, written artifacts, procedures POA&Ms, and similar documents needed for JITC to meet requirements for JITC IA Controls of the Risk Management Framework (RMF) as well as any Operational Orders or Directives when presented to the Command for response (data calls)

The contractor will ensure the collected artifacts meet the standards established by the Government for accuracy, format, timeliness and integrity

Provide weekly status updates on all tasks within requirement

Provide monthly status updates on all tasks within requirement

Provide monthly funding updates for requirements

Ensure all deliverables are in the correct format and contain proper capitalization, use of typefaces, numerals, compound words, spacing before and after dashes and symbols, and correct spelling and grammar

Ensure the document has no incomprehensible statements, broken links, missing material, or other issues

Responsible for the semi-annual review and update of documents used as compelling evidence required by Risk Management Framework process and then imported into the eMASS database to be submitted to the Authorizing Official in requests for Authorization

Use standard applications such as MS Word, PowerPoint, Excel, MS Visio, and Adobe Pro

Must meet expectations to obtain a recommendation for authorization from the Security Compliance Assessor (SCA) from DISA Risk Executive Office

Maintain a repository, accessible via DoDNET for tracking draft and signed copies of documents such as: Plans of Action and Milestones (POAM), Change Requests (CR), Standing Operating Procedures (SOP), Cybersecurity Architecture Descriptions (CAD), Risk Assessments, topology/diagrams, hardware/software lists, ports, protocols and service tables and other authorization information as required for compliance

Update DoD, DISA, and JITC repositories and databases

This includes Enterprise Mission Assurance Support Service (eMASS), Assured Compliance Assessment Solution (ACAS), Ports, Protocols, Services, Management (PPSM), for oversight of the JITC cyber posture

Coordinate with the Government in the collection of drawings, standard operating procedures, STIG checklists, ACAS reports, POA&M updates, PPSM updates, briefings, and other artifacts

The contractor shall ensure artifacts are obtained using in-person methods, when required

Conduct physical location and system reviews utilizing SCAP, ACAS/Nessus, and other such tools as applicable, on physical workstations, servers, switches, routers, firewalls physical and virtual to include other security devices as required, including those requesting permission to operate or connect to the JITC infrastructure

Conduct continual review of assets with tools such as STIG checklists, and ACAS data for completeness to maintain eMASS records, ensure reports from tools are provided according to the Deliverable table below, provide raw data to the Government for reporting purposes and assist the Government in meeting FISMA and RME requirements

Qualification

Sec+CISSPRisk Management FrameworkACASEMASSSTIGingTechnical SupportDatabase ProtectionDisaster RecoveryNetwork SecurityCompliance Tracking

Required

Sec+ certification

Bachelor's degree; or an Associate's degree and at least 2 years of experience; a minimum of 60 semester hours of formal education working towards an Associate's or Bachelor's degree and at least 4 years of experience; or at least 6 years of experience is required

Degree must be in a relevant technical curriculum and experience must be related to the job duties

Perform cybersecurity related tasks designed to safeguard the security of systems and information assets by protecting against unauthorized access, modification, or destruction

Manage information systems security, including disaster recovery, database protection and software development

Perform technical support focused on the development, operation, management, and enforcement of security capabilities for systems and networks

Analyze information security systems and applications then recommend and develop effective security measures

Identify, report, and resolve security violations

Evaluate IT infrastructure in terms of risk to the organization and establish controls to mitigate loss

Determine and recommend improvements in current risk management controls and implementation of systems changes or upgrades

Work with end users to determine needs, implement policies and procedures, and track compliance through the organization

Establish, plan, and administer the overall policies, goals and procedures for the information security function

Implement network security policies and procedures, ensure network (LAN/WAN, telecommunications, and voice) security access, and protect against unauthorized access, modification, or destruction