Full Time Employee Contractor
Cyber Security Analyst I
This position will also be involved in supporting the RMF C&A process, for instance eMASS maintenance, POA&M development and maintenance, authoring RMF Policy/Procedures, and similar activities.
Document the results of Certification and Accreditation activities and technical or coordination activity and prepare the system Security Plans and update the Plan of Actions and Milestones POA&M. periodically conduct a complete review of each system's audits and monitor corrective actions until all actions are closed.
Experience in the Certification and Accreditation (C&A), DIACAP and RMF processes (RMF strongly preferred), DISA Security Technical Implementation Guides (STIG) implementation,
The analyst must have a thorough understanding of RMF and basic familiarity with IT/network technologies. The incumbent must be a U.S. Citizen, have a SECRET security clearance, and also have a Cybersecurity Workforce (CSWF) IAM level II certification.
Become familiar with the system/site by reviewing the Assessment and Authorization (A&A) Plan; identify any issues with the Security Plan and Procedures; execute the Validation Plan and Procedures; review POA&Ms; develop Risk Assessments.
Perform information assurance certification and accreditation analysis, security assessments
Make recommendations to the Information System Security Managers to bring their systems into compliance
Analyze deficiencies and document in Plans of Actions and Milestones (POA&Ms) or requests prepared for Acceptance of Risk (AoR)
Experience with DoD Information Assurance C&A Process (DIACAP), Risk Management Framework (RMF)National Institute of Standards and Technology (NIST) 800-53 preferredPrinciple Duties:
Duties include, but are not limited to ?
? Updating eMASS for the following:
? Maintaining the currency of each program?s security documentation
? Entering documentation completed and submitted in eMASS for system changes.
? Annual revalidation efforts require documentation to be completed and submitted in eMASS.
? Registering/making updates to all program?s Ports, Protocols and Services Management (PPSM) in the DoD PPSM Registry.
? Evaluate Information Assurance (IA) Controls for compliance/noncompliance
? Develop and/or review artifacts needed for C&A packages
Must have an 8570 IAM level 1 cert (CAP, Sec+, GSLC).
Used RMF process, development of Program of Actions and Milestone (PO&AM) and eMASS to receive an ATO for at least three programs of record.
Degree in Computer Science, Information Systems, Engineering, Business, or related scientific or technical discipline with 2-3 years experience in Information assurance or Cyber security.
Understanding of MLRS Platformsand munitions capabilities are desire.
This is a great opportunity to join a winning team. CGI offers a competitive compensation package with opportunities for growth and professional development. Benefits for full-time, permanent members start on the first day of employment and include a paid time-off program and profit participation and stock purchase plans.
We wish to thank all applicants for their interest and effort in applying for this position, however, only candidates selected for interviews will be contacted.
No unsolicited agency referrals please.
All CGI offers of employment in the U.S. are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary depending upon specific assignment, or upon any US government security clearance if required. Qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, gender Identity, sexual orientation, national origin, age, disability, veteran status, pregnancy, or other status protected by law. CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI?s legal duty to furnish information.