Senior Cyber Security Analyst

MANTECH is seeking a motivated, career and customer-oriented Senior Cyber Security Analyst to join our team in support of a USMC Contract in Stafford, VA.

The core responsibility of the Cyber Security Analyst is to perform analysis of cybersecurity packages using the Risk Management Framework (RMF) process to achieve an Authority to Operate (ATO) while supporting the Marine Corps Systems Command (MCSC) in Quantico, VA. This position works closely with government officials and senior engineers

 
Responsibilities include, but are not limited to:

• Ensure system documentation reflects current system security configurations to include hardware and software components, data flow, interconnections, and ports, protocols, and services, etc.

• Perform Compliance reviews and analyses to verify compliance with federal requirements (e.g., EO, OMB Memos, A-130, NIST SP 800-37, 800-53, FIPS199, and FIPS-200, etc.).

• Perform analyses of security implementations for assigned systems pertaining to people, processes, and technologies, identify gaps and recommend solutions.

• Conduct daily, weekly, monthly compliance monitoring of assigned systems for all RMF steps.

• Research major obstacles related to the ever-changing FISMA requirements, which customers will need to overcome and provide recommendations.

• Review waiver and risk acceptance requests for compliance with the Agency's Policies and Procedures.

• Provide Quality Reviews of security documentation to ensure accuracy and compliance throughout the RMF and Cloud RMF process.

• Assist in the preparation and review of documentation to include System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), Authorization Recommendations (ARs), Cybersecurity Strategies (CSSs), and other A&A artifacts.

Minimum Qualifications:

• Bachelors Degree and at least 5 years of related Cyber Analyst experience (additional 2 years of experience can be substituted in lieu of degree):

• Must be compliant with DoD 8140 at an intermediate or advanced level. Thus, will need a CASP+CE, Security+, CISSP, or CISM certification.

• Experience and knowledge on NIST guidelines, FISMA, Cybersecurity principles and methodologies, Executive Orders (EO's), Office of Management and Budget (OMB) Memorandums, Federal, DoD and CISA Technical Reference Architectures, Maturity Models, Risk Management Framework (RMF), Cybersecurity Framework (CSF), and technical knowledge of IT systems.

• Strong Proficiency with Enterprise Mission Assurance Support Service (eMASS) and eMASSTER tools.

• Knowledge of and experience using relevant cybersecurity and analysis tools such as Nessus Security Center, Splunk, DoD Knowledge Service, etc.

• Must be able to conduct system analysis and quality reviews to detect performance issues.

• Experience applying an enterprise-wide set of disciplines for the planning, analysis, design and construction of information systems on an enterprise-wide basis or across a major sector of the enterprise.

• Experience applying reverse engineering and re-engineering disciplines to develop migration strategy and planning documents

Preferred Qualifications:

• USMC or Navy Validator certified

• Experience with cloud-based environments and technologies is preferred.

• Well versed in developing compliance solutions to resolve weaknesses or challenges

• An analytical mind with excellent problem-solving ability.

• Good communication skills and have good interpersonal, organizational, and analytical skills.

Clearance Requirements:

• Must have a DoD Secret clearance with the ability to obtain a Top Secret clearance.

Physical Requirements:

• This job largely operates in a professional office environment.

• Ability to sit for extended periods of time.