The Brixton Group
Job Location :
Arlington,VA, USA
Posted on :
2024-12-21T05:13:05Z
Job Description :
Responsibilities:
- Verify data security access controls based on the Joint Special Access Program Implementation Guide (JSIG).
- Implement media control procedures and continuously monitor for compliance.
- Verify data security access controls and assign privileges based on need-to-know.
- Investigate suspected cybersecurity incidents in accordance with Departmental directives and applicable Risk Management Implementation Plans (RMIPs).
- Apply and maintain required confidentiality controls and processes.
- Verify authenticator generation and verification requirements and processes.
- Execute media sanitization (clearing, purging, or destroying) and reuse procedures.
- Protect Controlled Unclassified Information (CUI), Special Access Programs (SAP), Sensitive Compartmented Information (SCI), and Personally Identifiable Information (PII).
- Create and manage the Body of Evidence (BOE).
- Maintain privilege access control logs.
- Create and manage Interconnection Security Agreements (ISA).
- Ensure JSIG compliance of applications within multiple accredited boundaries.
- Track vulnerabilities by creating Plan of Action and Milestones (POA&M).
- Manage the configuration and documentation in the program's instance of Enterprise Mission Assurance Support Services (eMASS).
- Maintain and manage continuous monitoring of DoD Security Technical Implementation Guide (STIG) compliance.
- Enforce continuous monitoring strategies using tools such as Splunk, Oracle Cloud Control, ACAS reports, and scripts for database/application user/privilege review.
- Conduct code reviews for database and application development and configuration management activities.
- Analyze events or test results and prepare POA&Ms.
- Establish and satisfy information assurance and security requirements based on user, policy, regulatory, and resource demands.
Requirements:
- Per contract requirements candidates must possess an active TS/SCI clearance with the ability to obtain CI Poly.
- Bachelor's degree in a relevant field (e.g., Computer Science, Information Systems Management, Engineering) is required for this position. 4 years of relevant work experience may be considered in lieu of the degree requirement.
- Security+ certification or equivalent (DoD 8570) if no current IAM Level II certification.
- 8+ years of experience in cybersecurity or a related field, 2+ years of experience Windows/Linux, 2+ years of cybersecurity experience in the Department of Defense (DoD) or Intelligence community.
- 2+ years of experience as a Cyber or Security Analyst for federal information systems.
- 2+ years of experience with the Federal Risk and Authorization Management Program (FedRAMP).
Preferred Requirements:
- IAT level III certification (CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH), or ability to obtain certification within six months of hiring.
- Experience with the Special Access Programs (SAPs) and Intelligence Community (IC).
- Knowledge and/or understanding of Joint Special Access Program Implementation Guide (JSIG)
- Strong familiarity with the Risk Management Framework (RMF), Federal Information Security Management Act (FISMA), and National Institute of Standards and Technology (NIST) FIPS 199/200 and Special Publications.
- Experience with the Federal Risk and Authorization Management Program (FedRAMP).
Apply Now!