COLSA
Senior Cyber Analyst/ISSO
COLSA, Huntsville, Alabama, United States, 35824
Job Description
General Summary:
COLSA is seeking a highly motivated, experienced Information Systems Security Officer (ISSO) in support of a dynamic team at Redstone Arsenal, AL. The ISSO will be a part of the team that maintains the authorization of the systems throughout their lifecycle. Provide support and technical expertise related to Defense in Depth principles and technology in security engineering designs and implementation. Be responsible for drafting and maintaining ATO/ATC. The candidate will be able to fully support new and existing inspectable DoD programs. They will manage the Information Assurance team and their work products, ensuring high quality performance and deliverables.
Principal Duties and Responsibilities (*Essential Functions):
•Ensure compliance with cyber security requirements in accordance with DoD and DoD Component cybersecurity and information assurance policies and guidance
•Support the System Owner in development of a POA&M and budget that addresses the implementation of cyber security requirements throughout the lifecycle of the system
•Support implementation of Risk Management Framework (RMF)
•Maintain and report systems assessment and authorization status and issues in accordance with DoD component guidance
•Coordinate with the organization's security manager to ensure issues affecting the organization's overall security are addressed appropriately
•Continuously monitor the system or information environment for security-relevant events and configuration changes that negatively affect security posture
•Periodically assess the quality of security controls implementation against performance indicators
•Immediately report any significant change in the security posture of the system, and recommended mitigations, to the ISSM
•Ensure that SSE processes are aligned to, and adequately documented in the program's SEP and PPP, and are executed with sufficient rigor to ensure required security controls are implemented, resulting in the lowest level of residual risk to system operation
•Maintain situational awareness and initiate actions to improve or restore IA posture as well as conducting annual security reviews of all IA controls and a test of selected IA controls
•Assist in training other ISSOs within the team to grow their skillsets in the various aspects of Risk Management Framework and Accreditation/Authorization to include, but not limited to eMASS, SPLUNK, POA&M generation, etc.
At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our "Family of Professionals!" Learn about our employee-centric culture and benefits here.
Required Experience
Required Qualifications
Associate's degree or Bachelor's degree in related field or equivalent experience, advanced degree preferred.
Minimum of 3 related certifications may be used in place of unrelated degree field.
Minimum of 10 plus years of work related experience.
DoD 8570 IAM Level II or higher certification (CISSP (or associate), CAP, CASP+ CE, CISM, GSLC, etc.)
Experience with Risk Management Framework.
Experience working with a P-ISSM and AO in getting a RMF ATO from start to finish.
Experience in vulnerability scanning and analysis, including the use of automated tools and vulnerability management systems.
Understanding of system audit principles and security risk assessment.
Strong understanding of security policy advocated by the U.S. Government including the Department of Defense and appropriate civil agencies, e.g., NIST.
General experience including development of both common user and special purpose command and control/information systems with increasing responsibilities in the scope and magnitude of the systems for which solutions have been implemented.
Familiar with Federal government and DOD standards for IA/security including FISMA, NIST, RMF, and OMB.
Must have solid communications skills and be capable of working with all levels of an organization.
Must hold a minimum of a SECRET Security Clearance; US Citizenship required.
Preferred Qualifications
Master's Degree in Cyber or related field
CISSP-ISSEP
ITIL Certification
Knowledge of intrusion prevention and network access control tools/systems.
Solid understanding of network infrastructure and mission assurance.
Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. COLSA Corporation is an Equal Opportunity Employer, Minorities/Females/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.