Intermediate IT Security Analyst - Security Clearance Required

Overview

SOS International LLC (SOSi) is currently seeking an Intermediate IT Security Analyst located at Ft. Huachuca, AZ. The ideal candidate be someone who possesses experience in Cybersecurity.

Essential Job Duties

• Responsible for the day to day operations of conducting routine IA Audits on all Information Systems (IS) to ensure the appropriate IA security controls have been applied and maintained
• Evaluate IS for compliance in accordance with Risk Management Framework (RMF) 800-53 Controls and Special Directives
• Assist with the continuous monitoring of RMF packages within eMASS (POA&Ms, Test Results, Risk Assessments, etc.)
• Record and / or prepare artifacts associated with the audit to ensure a repository for all system RMF documentation is kept current
• Provide Certification and Accreditation (C&A) support in the development of security and contingency plans by conducting risk and vulnerability assessments
• Use the 800 Series NIST Special Publications as reference for C&A, system security plans, risk assessment, and other security requirements
• Create, edit, and review organization and team level documentation for clarity and accuracy and assist with development of security related TTPs, SOPs, processes, plans, or diagrams
• Use automated security scanning tools (SCAP, ACAS, Tychon, etc.) to identify potential vulnerabilities
• Analyze and report findings to technical teams and leadership for appropriate tracking and mitigation
• Research RFIs from technical teams regarding DISA STIG checklists, and DOD / Army regulations
• Explain requirements to systems administrators in detail to ensure proper understanding and clarity
• Review proposed courses of action from technical teams and recommend the most secure option while balancing operations and / or mission requirements
• Assist in the identification, tracking and remediation of security risks discovered on information systems
• Prepare and deliver detailed written reports and oral presentations to the Security Manger, Information Assurance Manager and other senior leaders or staff within the organization
• Coordinate with both internal and external entities to improve established processes and procedures; ensuring efficient execution of all analysis, tracking, mitigation and reporting requirements
• Coordinate directly with cross functional teams and management to resolve all compliance issues
• Support and / or lead special projects as required
• Complete other duties as assigned by management

Minimum Requirements

• Active in scope SECRET clearance or the ability to obtain Interim SECRET eligibility
• HS +4 years of IT / Cyber experience or AA / AS +2 or BA / BS
• To include up to 2 years’ IA / IT experience
• An IAT II certification (CCNA-Security, CND, CySA+, GICSP, GSEC, Security+ CE, or SSCP) is required
• DISA ACAS v5.3 certification within 180 days of hire

Preferred Qualifications

• Possess exceptional communication and interpersonal skills
• Knowledge of eMASS
• Knowledge of network specific DISA Security Technical Implementation Guides and checklists
• Experience performing IA audits within a DoD organization
• Experience with Risk Management Framework (RMF)

Work Environment

• Working conditions are normal for an office environment.
• Fast paced, deadline-oriented environment.
• May require periods of non-traditional working hours including consecutive nights or weekends (if applicable)

SOSi is an equal employment opportunity employer and affirmative action employer. All interested individuals will receive consideration and will not be discriminated against on the basis of race, color, religion, sex, national origin, disability, age, sexual orientation, gender identity, genetic information, or protected veteran status.

SOSi takes affirmative action in support of its policy to advance diversity and inclusion of individuals who are minorities, women, protected veterans, and individuals with disabilities.

• Active in scope SECRET clearance or the ability to obtain Interim SECRET eligibility
• HS +4 years of IT / Cyber experience or AA / AS +2 or BA / BS
• To include up to 2 years’ IA / IT experience
• An IAT II certification (CCNA-Security, CND, CySA+, GICSP, GSEC, Security+ CE, or SSCP) is required
• DISA ACAS v5.3 certification within 180 days of hire
• Responsible for the day to day operations of conducting routine IA Audits on all Information Systems (IS) to ensure the appropriate IA security controls have been applied and maintained
• Evaluate IS for compliance in accordance with Risk Management Framework (RMF) 800-53 Controls and Special Directives
• Assist with the continuous monitoring of RMF packages within eMASS (POA&Ms, Test Results, Risk Assessments, etc.)
• Record and / or prepare artifacts associated with the audit to ensure a repository for all system RMF documentation is kept current
• Provide Certification and Accreditation (C&A) support in the development of security and contingency plans by conducting risk and vulnerability assessments
• Use the 800 Series NIST Special Publications as reference for C&A, system security plans, risk assessment, and other security requirements
• Create, edit, and review organization and team level documentation for clarity and accuracy and assist with development of security related TTPs, SOPs, processes, plans, or diagrams
• Use automated security scanning tools (SCAP, ACAS, Tychon, etc.) to identify potential vulnerabilities
• Analyze and report findings to technical teams and leadership for appropriate tracking and mitigation
• Research RFIs from technical teams regarding DISA STIG checklists, and DOD / Army regulations
• Explain requirements to systems administrators in detail to ensure proper understanding and clarity
• Review proposed courses of action from technical teams and recommend the most secure option while balancing operations and / or mission requirements
• Assist in the identification, tracking and remediation of security risks discovered on information systems
• Prepare and deliver detailed written reports and oral presentations to the Security Manger, Information Assurance Manager and other senior leaders or staff within the organization
• Coordinate with both internal and external entities to improve established processes and procedures; ensuring efficient execution of all analysis, tracking, mitigation and reporting requirements
• Coordinate directly with cross functional teams and management to resolve all compliance issues
• Support and / or lead special projects as required
• Complete other duties as assigned by management
21 days ago