This position is available in Battle Creek, MI, Columbus, OH, Dayton, OH, Fort Belvoir, VA or other locations with access to a military installation with SIPR facilities.
The Cyber Security Analyst provides support to track and coordinate activities aimed at enhancing the overall cybersecurity posture of a large DoD Logistics system. This support includes ensuring compliance with Federal, DoD and DLA information technology and security requirements, policies, procedures, and standards as applicable. The Analyst conducts reviews with project managers and branch chiefs to provide status updates of scans, vulnerabilities, RMF controls, Plan of Actions & Milestones (POA&Ms), and other issues requiring attention by DAAS application owners.
Additionally, the Cyber Security Analyst will:
- Review vulnerability scans, STIG compliance, deficiencies, and vulnerabilities and track them until the government has implemented adequate mitigation measures
- Utilize the Enterprise Mission Assurance Support Service (eMASS) to recommend for detected vulnerabilities, management, operational, or technical controls to include human procedures, software configuration parameters, system changes, or combinations thereof to mitigate the risk associated with the vulnerability
- Perform technical reviews of documented security certification results submitted in the Risk Management Framework (RMF) format to assess their completeness and identify system vulnerabilities and weaknesses
- Perform technical reviews of cybersecurity related documents as part of the Assessment & Authorization (A&A) process
- Analyze the RMF package, perform security A&A reviews, verify, and validate implementation of NIST Special Publication (SP) 800-53/53A controls based on the FIPS Categorization and data sensitivity levels
- Verify compliance with DoD Instruction 8510.01 RMF for DoD Information Technology (IT), NIST SP 800-37 (RMF) and DLA policy requirements
- Serve as a Subject Matter Expert for an information system undergoing authorization
- Five (5) years of relevant A&A, RMF, and NIST A&A experience
- DoD cybersecurity experience
- Experience working in a SIPRNet environment
- Experience assessing security controls and managing POA&Ms in eMASS
- Understanding of how the security controls identified in the NIST 800-53 apply to the process of assessing and authorizing a large organization’s IT infrastructure like that of the DLA, in which there is a compilation of large and small enclaves, AIS applications and outsourced IT processes
- Computing Environment: Security+
- Desired Certifications: CISSP, CISM, Cloud or AWS certification
Security Clearance Requirements:
- DoD Secret Clearance, with eligibility for an IT-1 designation
Equal Employment Opportunity
CompTech is committed to building a diverse and inclusive environment in which we recognize and value each other’s differences as well as fostering a culture that promotes its core values: Commitment, Innovation, and Customer Satisfaction. As an equal opportunity employer, all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, or status as a protected veteran. If you require assistance or an accommodation due to a disability, please call Human Resources at (937) 228-2667 or email email@example.com. A CompTech associate will respond to your message as soon as reasonably possible.