Cyber Security Analyst

Responsibilities Assist with Development and Maintenance of Security Plan for AOS Domain Enclave of the Air Force Enterprise Assist with the Development of Security Assessment Plans for AOS domain enclave of the Air Force Enterprise within Enterprise Mission Assurance Support Service (eMASS), describing the objectives of the security control assessment and providing a detailed roadmap for performing the assessment, to include: AOS System Security Plan, Security Assessment Report, Risk Assessment Report (RAR), and Up-to-date POA&M Assist with Monitoring and Tracking the Execution of POA&M for AOS in order to identify and monitor corrective action for weaknesses and deficiencies found during security assessment. Assist with RMF Steps for the AOS domain enclave of the Air Force Enterprise (CARP/ADIS), which May Include: Categorize System, Select Security Controls, Implement Security Controls, and Assess Security Controls. Review and adjudicate system security categorizations decisions for the AOS as well as final security control sets. Assist / Support AOS in embedding cybersecurity and the Risk Management Framework actions and checkpoints into the appropriate point in the AOS System Life Cycle (SLC) Management Policy; develop tools, procedures and templates to support CS and RMF execution under the SLC. Assist with status reports on open action items (to include projected completion dates), issues/concerns and lessons learned. Reports are to be provided by the 10th of each month Assist in assessing approved technical and non-technical security features of AOS domain enclave of the Air Force Enterprise to address known threats and vulnerabilities. The assessment must consider and identify impacts as well as consideration of existing risk mitigation strategies. Assist with Quality Assurance of an RMF Security Assessment Plan related to cybersecurity risk for the AOS domain enclave of the Air Force Enterprise. Requirements Active DoD Security Clearance ** Eligibility ** 3+ Years Of Experience in Cybersecurity documentation and system authorization artifacts (System Security Plan, Lifecycle Documentation, Continuous Monitoring Plan, Security Assessment Plan, Security Assessment Report, Risk Assessment, RMF / NIST, etc.)