Cybersecurity Analyst

Vision IT is a woman-owned business that's supported DoD and Federal Sector IT initiatives for two decades. We work side-by-side with our clients as a trusted, long-term partner offering innovative consultation and leadership to solve their most pressing and complex problems. We orchestrate people, strategies, technologies, and best-of-breed business processes.

We seek the services of a Cybersecurity Analyst to support a great contract in AZ!

MINIMUM REQUIREMENTS:

• Experience with Risk Management Framework (RMF) and vulnerability management
• HS + 4 years of IT/Cyber experience | AA/AS +2 experience IT/Cyber experience | BA/BS +2 years' experience IA/IT experience
• Exceptional communication and interpersonal skills
• Knowledge of network specific DISA Security Technical Implementation Guides and checklists
• Knowledge of asset scanning
• Experience performing audits within a DoD organization
• Experience with Risk Management Framework (RMF) and vulnerability management
• Active Secret Clearance - TS/SCI Strongly Desired

DESIRED SKILLS:

• Proficiency in conducting detailed analysis of systems, signals, and underlying protocols to identify potential security issues and produce remedies to enhance security features.
• Have strong interpersonal skills to enable working, interfacing, and interrelating with diverse personnel and dynamic teams.
• Strong demonstrated cyber security systems engineering, with requirements and interface management, risk management, change boards and change board environment.
• Proficient in RMF technologies and processes, project integration, analysis and stakeholder processes.
• Experience developing transition to operations plans, supporting design reviews and engineering boards.

ESSENTIAL JOB DUTIES:

• Responsible for the day to day operations of conducting routine IA Audits on all Information Systems (IS) to ensure the appropriate IA security controls have been applied and maintained
• Evaluate IS for compliance in accordance with Risk Management Framework (RMF) 800-53 Controls and Special Directives
• Assist with the continuous monitoring of RMF packages within eMASS (POA&Ms, Test Results, Risk Assessments, etc.)
• Record and/or prepare artifacts associated with the audit to ensure a repository for all system RMF documentation is kept current
• Provide Certification and Accreditation (C&A) support in the development of security and contingency plans by conducting risk and vulnerability assessments
• Use the 800 Series NIST Special Publications as reference for C&A, system security plans, risk assessment, and other security requirements
• Create, edit, and review organization and team level documentation for clarity and accuracy and assist with development of security related TTPs, SOPs, processes, plans, or diagrams
• Use automated security scanning tools (SCAP, ACAS, BNA, etc.) to identify potential vulnerabilities
• Analyze and report findings to technical teams and leadership for appropriate tracking and mitigation
• Research RFIs from technical teams regarding DISA STIG checklists, regulations and/or BBPs
• Explain requirements to systems administrators in detail to ensure proper understanding and clarity
• Review proposed courses of action from technical teams and recommend the most secure option while balancing operations and/or mission requirements
• Assist in the identification, tracking and remediation of security risks discovered on information systems
• Prepare and deliver detailed written reports and oral presentations to the Security Manger, Information Assurance Manager and other senior leaders or staff within the RCC-C
• Coordinate with both internal and external entities to improve established processes and procedures; ensuring efficient execution of all analysis, tracking, mitigation and reporting requirements
• Coordinate directly with cross functional teams and management to resolve all compliance issues
• Support and/or lead special projects as required
• Complete other duties as assigned by management

Vision IT provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, Vision IT complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

Vision IT expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of Vision IT's employees to perform their job duties may result in discipline up to and including discharge.