Job Details

divh2Cybersecurity Analyst/h2pTrace Systems is seeking a Cybersecurity Analyst to support the Norfolk Naval Shipyard CIO department (Code 109), and the associated network capabilities are currently supporting activities that directly contribute to Navy Fleet readiness. Some of the functions supported by the network include automated tools that enhance the warfighters ability to execute their mission; support to mission areas such as: Fleet logistics, maintenance, ship industrial and maintenance production activities, engineering, supply, legal, readiness, plans and policy, program planning and management, and personnel; hurricane disaster preparedness and response; world-wide support of bases, the war-fighter, and stations; readiness reporting and support; and securing the Homeland. NNSY CIO is responsible for the installation, administration, development, management, and/or maintenance of all networks and systems installed at NNSY and telecommunication services. The CIO provides IT approval for IT purchases made for and by NNSY. This department ensures that all systems and networks operate in a secure manner by implementing and managing an Information Assurance program that meets all Navy and DoD requirements./ppThe project associated with this position is currently in the proposal stage. Duties and responsibilities include but are not limited to:/pulliSupport the revision of the entire end-to-end Assessment and Authorization (AA) process./liliSupport for Inspection and Audit conducted at NNSY./liliReview AA package submissions to ensure system/network architectures and technical/non-technical operating features adequately protect and defend against unauthorized access, ensure systems availability, and meet DoD/Navy Cyber Security (CS) implementation policy requirements and data protection safeguards./liliConduct CS compliance and AA documentation validation assessments for legacy applications, systems and networks./liliDevelop, or expand existing AA and CS documentation to ensure complete documentation exists in accordance with DoD AA and IA/CS policy./liliPerform Cyber Compliance (CC) risk assessments to evaluate system risks and provide written risk assessment reports including overall risk analysis reviews and recommendations to the Navy Authorizing Official (NAO) and Functional Authorizing Official (FAO)./liliRespond to feedback from the NAO and FAO in the form of comments and instructions to ensure coordination of efforts and to correct errors, information omissions and shortfalls in AA documentation packages./liliCommunicate feedback to customers, coordinate corrections collect responses and validate prior to forward for processing./liliDevelop procedures to support AA workflow processes, criteria needed to facilitate authorization processes and NAO/FAO authorization decision milestones./liliStreamline AA package efforts based on RMF status and complexity, unless operational requirements necessitate a waiver from the NNSY Package Submission Office (PSO)./liliSupport Cyber Security readiness reporting and assess the cyber security posture and identify trends and processes potentially dangerous to network security./liliVerify Information Assurance (IA) and CS data for units reported via various databases such as Enterprise Mission Assurance Support Service (eMASS), Vulnerability Remediation Asset Manager (VRAM), Navy Continuous Monitoring and Risk Scoring (CMRS-N) and Department of the Navy (DON) Applications and Database Management System (DADMS)./liliCompile and analyze data and develop a weekly/monthly CS Dashboard for NNSY leadership review./liliCommunicate feedback to NNSY CIO identified with CS vulnerabilities to the DODIN and coordinate corrections, collect responses and validate reporting./liliProvide support in drafting NNSY CIO strategies, plans, policy, and procedures./liliAssist with Assured Compliance Assessment System (ACAS) scans/liliEnsure audit artifacts are accurate, complete, and accessible, including evidence of continuous monitoring, patch management, user account management, and vulnerability remediation efforts./liliCoordinate with ISSMs, Information System Security Officers (ISSOs), and system owners to validate that all systems are in compliance with the Risk Management Framework (RMF) requirements and audit readiness standards./liliTrack and report the status of audit findings and ensure all findings are assigned to responsible stakeholders, properly documented in the Plan of Action and Milestones (POAMs) and resolved within designated timelines./li/ulpMinimum Qualifications/pulliActive, in-scope US Government issued Top Secret clearance./liliDue to the nature of the work and contract requirements, US Citizenship is required./liliMinimum of four (4) years of experience in CS analysis in support of Cyber metrics analysis, incident response and mitigation; risk mitigation analysis, developing contingency plans./li/ulpEducation/pulliBachelors degree in an IT related discipline or Level II Certification (Security+ or better) and a minimum of four (4) years of experience in CS analysis in support of Cyber metrics analysis, incident response and mitigation; risk mitigation analysis, developing contingency plans./li/ulpTrace Systems Inc. was founded to support and defend our nations security interests at home and abroad-- whenever and wherever. We provide enterprise IT, engineering, full life-cycle communications, cybersecurity, cloud and virtualization services and solutions to the United States Department of Defense and other federal agencies./p/div