This site uses cookies. To find out more, see our Cookies Policy

Cyber Security Analyst in Washington, DC at THOR Solutions

Date Posted: 6/10/2018

Job Snapshot

Job Description

The managerial and technical complexity of the Coast Guard’s C4ISR Acquisition Project demands proactive problem identification, creative issue resolution, and overall stewardship of the program. Including continuing responsibility to protect the confidentiality, integrity, and availability of the information that is used and to ensure essential Coast Guard functions are carried out. The support staff will coordinate with and support the Configuration Management (CM)/Logistic/Test &Evaluation (T&E) and C4ISR IA team with all SAP related activities and protection of all Coast Guard C4ISR systems and information they contain.

The C4ISR SAP program consists of providing:

  • Support of the Security Authorization process
  • Assessment and Authorization support
  • Coordination and support ISSM and ISSO’s with related activities
  • Guidance on Cybersecurity(Information Assurance)/Risk Management for system security issues
  • Assistance to ISSM and ISSO’s in researching and developing SAP documents.
  • Assistance in developing SAP packages
  • Assistance in Reciprocity requests
  • Scheduling and tracking SAP related information (such as SAP packages due dates, status, and scans).
  • Assistance to ISSM and ISSO’s in tracking and developing reporting documentation for all CGCYBER and DoD CYBER Task Orders and Data Calls.  

Tasks include the following:

  • Support the performance of system, network and application A&A-related tasks including RMF package development, IA/security controls analysis, risk assessment, contingency planning, Security Test and Evaluation (ST&E), risk mitigation analysis, and technology reviews/assessments.
  • Provide assistance to senior technical analysis for Cybersecurity (Information Assurance) support and integration efforts. Performs in-depth analysis in various areas and technologies within RMF A&A documentation.
  • Perform security authorization and re-authorization of all CG-9335 system on SBU, classified, Platform Information Technology Systems (PITS) and Navy Program of Record.
  • Use the DoD/DHS/USCG guidelines for conducting information system security authorizations. In addition, use current Guides to the Security Authorization Process as guidance for the USCG SAP methodology. FInally, use the Risk Management Framework (RMF) six-step process.
  • Assist/conduct a Risk Assessment (RA) using NIST SP 800-53 Self Assessment Checklist.
  • Assist/conduct annual Self Assessment using the NIST SP 800-53 for systems accredited under the NIST SP 800-37 (series), and assist/conduct annual IA Control Review for all accredited systems.
  • Assemble PIT/PIT System packages at the direction of the ISSM and ISSO’s and provide copies of the package as needed.
  • Track, review, and make recommendations on Information Assurance Vulnerability Alerts (IAVA), Information Assurance Vulnerability Bulletins (IAVB) and Technical Advisories (TA) to determine possible security vulnerabilities within the current system configuration
  • Monitor approved FISMA dashboard to ensure that all security criteria and regulatory requirements are maintained, and that changes that affect the SAP documentation are denoted.
  • Provide support during Cyber Security Inspection (CSI) and Cyber Command Readiness Inspection (CCRI) findings for inclusion in A&A remediation plans as part of RMF Step 6 (Monitor),
  • Use the Risk Management System (RMS) and approved Risk Management tools (i.e. eMASS or others) to input information or create a SAP package during the SAP process.
  • Review and process other DoD service component Authorization via established reciprocity requirements and processes
  • Assist in developing and maintaining USCG Online SAP Web Site and SAP Tracking Tool (databases).
  • Provide meeting support, including generating meeting summaries and providing briefing materials.

Job Requirements

Security Clearance Requirement:

  • An Active DoD Secret Clearance is required for this position.

Required Knowledge, Skills, and Abilities:

  • Minimum of at least four (4) years demonstrated experience supporting a major system acquisition program’s Security Authorization process.
  • Experience with Cybersecurity (Information Assurance) requirements, standards, and IA/security controls analysis.
  • Experience with A&A requirements and processes
  • Experience with risk and vulnerability assessment and risk mitigation analysis, conducting risk assessments, risk mitigation analysis, developing contingency plans.
  • Background in cybersecurity(Information Assurance) requirements analysis, design, development, implementation.
  • Experience with detailed analysis of applicable security controls and determining the compliance status with each security control.
  • Familiarity with DoD/DHS Cybersecurity directives, policy, instructions and orders.
  • Must be willing to work onsite at US Coast Guard Headquarters.

Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.