Security Analyst II

Location: Hill AFB, Utah (100% on site)

Absolute Minimum Requirements :

• Active Secret Clearance
• Security+ Certification (must be current)
• IAM I (ISSO Senior Level) certification (must be current)
• Bachelor’s Degree in Business or IT related field OR equivalent professional experience (7+ years)
• Must live in or be willing to relocate to the Hill AFB area
• Must be willing to be onsite 100% of the time
• 2+ years of experience in DoD RMF in system engineering and/or design, design assurance or testing for products and system computer networking technology
• Working knowledge of ACAS, ESS/HBSS
• Does your current resume show the above 7 requirements?

————————————————————————————————

Position Summary:

Our Client  seeks a qualified Security Analyst II who will provide complex support of Department of Defense (DoD) Risk Management Framework (RMF) support of the Hill Air Force Base (AFB) Enterprise Data Center (HEDC) project located at Hill AFB, Utah. 

Essential Duties & Responsibilities:

•    Support the RMF program for this location in compliance with current DoD industry regulations
•    Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program
•    Perform infrastructure and application penetration tests, as well as physical security review and social engineering tests 
•    Performs risk analysis and security audit services, developing analytical reports as required
•    Emulates adversarial cyber activities to identify weaknesses, enumerate vulnerabilities, and assess the overall security posture of customer networks and information systems
•    Assists with the selection of cost-effective security controls to mitigate risk
•    Ensure the consistent application of policies and standards across all technology projects, products, systems, and services throughout program 
•    Maintain compliance standards of information systems and procedures
•    Perform IT security risk assessments and present ways to minimize threats
•    Monitor security vulnerabilities and hacking threats in network and host systems
•    Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities
•    Conduct real-time analysis of immediate threats, and triage during incidents
•    Maintain a current understanding of system vulnerabilities, threats, and identification of risks to develop strategy and actionable plans to protect the customer
•    Ensure compliance with the changing laws and applicable regulations
•    Schedule periodic security audits
•    Ensure cyber security policies and procedures are communicated to necessary personnel and compliance is enforced
•    Brief the necessary stakeholders on status, emerging threats, and risks
•    Other duties as assigned.

Education, Certification & Experience Requirements:

•    Bachelor’s Degree in Business or IT related field or equivalent professional experience
•    Two (2) plus years of experience in DoD RMF in system engineering and/or design, design assurance or testing for products and system computer networking technology
•    Working knowledge of tools to include but not limited to ACAS, ESS/HBSS
•    Ability to obtain and maintain Secret Clearance.
•    IAM I (ISSO Senior Level) certification

Knowledge, Skills & Abilities:

Required:

•    Demonstrated knowledge of DoD RMF procedures
•    Knowledge of DoD industry regulations and environment to include but not limited to DoD 8570.01-M and 8140, DoD 8510.01, DoD 8570.1, FISMA, FIPS 199, FIPS 200, NIST SP 800-30 Rev 1, NIST SP 800-35, NIST SP 800-37 Rev 2, NIST SP 800-39, RMF for DoD IT, NIPR, SIPRNET, NSANET and JWICS
•    Knowledge and understanding of DoD RMF A&A, ATOs, IAVA, STIGs, Cybersecurity MOA and MOU procedures and best practices
•    Must have excellent oral, verbal, written communication skills  
•    Exceptional fundamental analytical and conceptual thinking skills
•    Competency at highest level of all phases of information systems 

Working Conditions/Working Environment/Physical Demands:

•    Basic office work environment at government facility location
•    Work under the primary supervision of Project Manager
•    Hours of operation are M-F between 0600-1800.
•    Occasionally, project requirements may require temporary adjustment of work hours/days
•    Duties are subject to change based on the needs of the customer