Provide expert weapons system cybersecurity guidance and recommendations to acquisition authorities and the Authorizing Official (AO) to develop secure, resilient systems.
Translate and provide comprehensive NIST 800-53 requirements to ensure Systems Security Engineering (SSE) and solutions are incorporated into an integrated program protection scheme.
Provide subject matter expertise to execute Risk Management Framework (RMF) to support Assessment & Authorization (A&A) of assigned systems including generating required artifacts (Interim Authority to Test [IATT], Authority to Connect [ATC], and Authority to Operate [ATO]).
Execute risk reduction-based policies and procedures, and develop system specific comprehensive cybersecurity processes to include implementation of continuous monitoring.
Document system architectures to support the cyber analysis, identification, selection, and tailoring of security and privacy controls necessary to protect the system.
Provide expert level evaluation of designs and proposed implementation solutions to defend weapon systems and critical networks against malicious and non-malicious exploitation.
Evaluate threat data and develop residual risk recommendations and mitigations to senior DoD and AF leadership based on identification and analysis of weapons vulnerabilities.
Review and analyze interoperability requirements and review, develop and evaluate resultant specifications and internal and external Interface Control Documents (ICDs).
Review and propose technical recommendations regarding critical technologies requiring Program Protection Plans (PPP), Anti-tamper (AT) plans, cyber findings, vulnerabilities, and risks.
Ensure contractual documentation (such as Statements of Work and contract deliverable lists) incorporates cybersecurity requirements, and conduct technical evaluations of vendors' proposals to ensure that cybersecurity requirements are properly addressed.
Provide expert identification, documentation, and assessment of threats, cyber findings, vulnerabilities, attack scenarios, impacts if exploited, and likely timelines for exploitation.
Provide stakeholders with on-time deliverables, RMF artifacts, cyber impact assessments, and approaches to meet growing ISR & SOF requirements.
Requirements
Citizenship: Must be a US citizen
Clearance: Must have an active Top Secret level clearance, with the ability to obtain SCI
Certifications: IAT Level II (Security+ CE or other)
Education: High School Diploma
Years of Experience: Twenty (20) or more years relevant experience, eight (8) of which must be within the DoD
Knowledge of and experience adhering to NIST 800-53 requirements
Experience advising and executing Risk Management Frameworks
Experience with Program Protection Plans
Experience with Anti-Tamper plans
Preferred Certifications: IAT Level III (CISSP or other)
Preferred Education: Bachelor's Degree or Master's degree (see preferred qualifications for details)
Preferred Years of Experience: Fifteen (15) or more years of relevant experience, five (5) of which must be within the DoD; OR Master's degree with twelve (12) or more years of relevant experience, five (5) of which must be within the DoD