Sr. Level Cybersecurity Policy and Technical Writer Job at Gray Analytics in Hun
Gray Analytics, Huntsville, AL, US
Job Description
Gray Analytics was founded in 2018 with a vision to bring innovative and creative solutions in the cybersecurity, IT, engineering, and scientific spheres. Our customers span across the commercial and federal domains with our goal being to bring excellent customer service to our clients and employees.
Without the bureaucracy that often exists in larger corporations, Gray Analytics offers increased work flexibility, visibility in company progress, and greater opportunities for advancement. It's with our employees' support that we can help our clients achieve mission and operational success.
At Gray Analytics, our goal is simple: to help our country, its businesses, and its organizations improve security in the Cyber realm. Period.
Position: Senior-Level Cybersecurity Policy and Technical Writer
Location: Huntsville, AL
Status: Full-time exempt
Position Description:
Gray Analytics is seeking a Senior-Level Cybersecurity Policy and Technical Writer to join a diverse, highly skilled team to create unique solutions for complex problems.
The Senior-Level Cybersecurity Policy and Technical Writer will gather, analyze, translate, and compose technical information into clear and concise language that is easily understood by technical and non-technical personnel, but also follow government guidelines and directives, to include:
- NIST Special Publications
- Federal Information Security Management Act
- Federal Information Processing Standards
- OMB Directives and Circulars
- Federal Acquisition Regulation
- Defense Federal Acquisition Regulation Supplements
- Other DoD and US Army regulations and governance
The candidate will have the following responsibilities:
- Maintain current and create future technical process environment documents, to include cybersecurity strategies, system security plans, standard operating procedures, and system security operating procedures.
- Conduct a gap analysis of current documentation in the document library and evaluate and make recommendations as to updates and changes.
- Identify enhancements to current documentation and, upon approval from the Government Lead, update related documents or develop new documentation records as needed.
- Compose, edit and review technical documents including user's manuals, training materials, proposals and reports or other customer deliverables and documents as required.
- Support developing internal policies and standards, including oversight and compliance, agreements, and procedures needed to support the operations of US Army Acquisition.
- Support implementation of SharePoint-based workflows, development of dashboards, and provide user level training as needed.
- Review and advise of changes for contractor developed technical documentation and contract proposals.
- Using applicable governance and system security requirements, generate and maintain Statement of Work language for US Army Acquisition contracts.
Additional experience preferred:
- Experience with eMASS and initiating, updating, and maintaining RMF packages.
- Ability to work with system developer to update, maintain, and track RMF and POA&M documentation.
- Experience with ACAS and Security Content Automation Protocol (SCAP) scanning as well as STIG compliance knowledge.
- Documenting preliminary or residual security risks for system operation & manage and approve Authorization Packages.
- Monitoring and evaluating a system's compliance with Department of Defense (DoD) security, resilience, and dependability requirements including performing validation steps, comparing actual results with expected results and analyze the differences to identify impact and risks at the software application, system, and network levels.
- Experience in project management is a plus.
- Work with team to provide solutions and to ensure continued functionality of systems within DoD RMF Framework
Basic Qualifications:
- Degree: Bachelor's Degree & 3+ years of experience in Cybersecurity Domain or
- Non-Degree & 8+ years of experience in Cybersecurity Domain
- Knowledge of the Risk Management Framework (RMF) process and NIST security controls
- Knowledge of NIST SP 800-160, Systems Security Engineering
- 8570 IAM I Certification (i.e. CAP, GSLC, Sec+ CE, etc.)
- The possibility to travel up to 10% of the year.
Other Qualifications:
- 8570 IAM II Certification (i.e. CISSP, CASP+ CE, CAP, CISM, etc.)
- Knowledge of information system architecture and standards as they apply to cyber security
- Experience in a DoD security environment preferred
- Candidates should have strong communication and writing skills; be able to work in a team-oriented environment supporting a diverse customer base comprised of program managers, engineers, analysts, specialists, and technicians; and strong attention to detail.
Security Requirements:
- Candidate must be a US Citizen and possess (and be able to maintain) a Final Secret Clearance or meet the eligibility to obtain (and maintain) a Secret Clearance.
About Gray Analytics
Gray Analytics values our employees as our most important resource. To showcase these values, we offer not only traditional medical, disability, life, etc. coverages that begin on day one of employment, but also unique benefits to improve our employees' quality of life. Some of these unique benefits include:
- A PTO policy based on total years of experience, not years of service to the company. PTO is available for use immediately at hire, subject to company needs.
- Eligibility for 401K contributions and company matching, Pet Insurance through Spot, Flexible Spending Account, and Tuition and Professional Development Funds begin on day one of employment.
- Charitable donations program on a yearly and quarterly basis where employees can nominate a non-profit of choice to receive donations.
Gray Analytics is an Equal Opportunity Employer and VEVRAA Federal Contractor. This contractor and subcontractor shall abide by the requirements of 41 CFR 60-1.4(a), 60-300.5(a) and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on their race, color, religion, sex, gender identity, sexual orientation, or national origin. Moreover, these regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, protected veteran status or disability. Gray Analytics, Inc. welcomes minority and veteran applicants.