Cybersecurity Compliance Analyst - Military veterans preferred

2018-10-25
ManTech (www.mantech.com)
Other

/yr

  full-time   employee   contract


Portsmouth
Virginia
United States

General Responsibilities:

  • The Compliance Analyst position will help maintain and monitor systems compliance with applicable regulatory requirements.
  • Ensure adequate security controls are in place to demonstrate fulfillment of regulatory and contractual obligations.
  • Interpret Risk Management Framework (RMF) Assessment and Authorization (A&A) guidance for clients and provide information and input for the preparation of accreditation packages.
  • Assess the applicability of emergent vulnerabilities to commands and provide advice and direction to program managers and other functional area SMEs representing Cybersecurity policies and regulations.
  • Provide consulting and support to command Cybersecurity engineers and security control validators throughout the security assessment and compliance lifecycle process.
  • Track, gather metrics, analyze, and suggest process improvements for Cybersecurity requirements, compliance deadlines, and ATO approvals.
  • Use methods to collect those metrics to measure operational efficiency, develop innovative solutions, and recommend and facilitate quality improvement efforts.


Requirements Include:

  • Strong knowledge of Information Technology (IT) compliance methodology
  • Demonstrated skills in performing process/control walkthroughs and control testing, and creating procedure narratives and flowcharts
  • Demonstrated interpersonal skills, excellent oral and written communication skills, analytical skills, problem solving and organization skills
  • Experience in the Cybersecurity area or Information Assurance (IA) supporting DoD or federal programs, including DIACAP and RMF, such as accreditation package development and security control testing or validation
  • Experience with DoD Secure Technical Implementation Guidance (STIGs), checklists, and Security Requirements Guides (SRGs)
  • Experience with developing C&A policy, guidance, or procedures
  • Experience in support of various inter-related IT systems and services, including HBSS and configuration reviews, database security, cross domain solutions, and vulnerability scanning
  • Requires strong writing skills.
  • Requires experience with use of Microsoft Excel.
  • Candidate must be very detail oriented.
  • A minimum of five years of related experience is required, two of which must be specialized in IA.

Education/Clearance/Certification Requirements:

  • Secret clearance - preferred with SSBI
  • CompTIA Security+ CE (CISSP Preferred)
  • Operating system certification (Windows Server) or proof of training (certificate)
  • Bachelor’s Degree in Computer Science, Information Assurance, Information Systems, or other related scientific or technical discipline is preferred. Work experience or industry certifications demonstrating technical proficiency may be substituted for education requirements.
  • Certification in industry recognized areas would include Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), GIAC GSLC , or Security+
Advertisement