Logo
Systems Planning and Analysis, Inc.

Cybersecurity Analyst Job at Systems Planning and Analysis, Inc. in Denver

Systems Planning and Analysis, Inc., Denver, CO, United States, 80285

Cybersecurity Analyst

Job Locations: US-CO-Denver

ID: 2024-19400

Category: Cyber Security

Security Clearance Requirement: Secret

Type: Regular Full-Time

Level: Mid-level

Overview

Systems Planning and Analysis, Inc. (SPA) delivers high-impact, technical solutions to complex national security issues. With over 50 years of business expertise and consistent growth, we are known for continuous innovation for our government customers, in both the US and abroad. Our exceptionally talented team is highly collaborative in spirit and practice, producing Results that Matter. Come work with the best! We offer opportunity, unique challenges, and clear-sighted commitment to the mission. SPA: Objective. Responsive. Trusted.

The Space and Intelligence Division provides professional services to the US Space Force, Combatant Commands, Intelligence Community, and NASA. Our work includes enterprise architectural assessments, systems engineering and integration, test, planning and execution, cost estimating and analysis, acquisition support, and cybersecurity. We are trusted partners developing approaches and concepts to meet emerging high priority needs, assessing cutting-edge technologies, and supporting capabilities for our National Defense.

The Space Systems Group (SSG), part of SPA's Space and Intelligence Division, provides timely and objective assessments and recommendations integrating technical, operational, programmatic, policy, and business analysis. We focus on our key clients in the Space community including the US Space Force's Space Systems Command (USSF/SSC), one of the three designated Field Commands under USSF. We work tirelessly to provide integrated solutions based on information and communications throughout the chain of command. We provide clear and consistent analysis and recommendations which are aligned to strategic and leadership goals while balancing the ability to execute on time and on budget within the technical communities.

SPA has an immediate need for a Cybersecurity Analyst.

Responsibilities

This is an exciting opportunity to support the United States Space Force (USSF). The Space Systems Command has the collective USSF mission responsibility for the development, deployment, maintenance and sustainment of space systems providing early missile warning capability; environmental sensing; precision navigation, guidance and timing; nuclear event detection; space launch capability; national and military satellite communications capabilities; launch range and network systems; advanced systems; and technology development programs.

This position will work in close collaboration with the Information Systems Security Manager (ISSM) and Information Systems Owner (ISO) to ensure security posture is met and maintained, develops security policies, procedures, plans, and all other evidence of compliance with various security controls. Creates and maintains RMF documentation to include Enterprise Mission Assurance Support Service (eMASS) and Information Technology Investment Portfolio Suite (ITIPS) database entries with System Security Plans (SSP), Security Assessment Reports (SAR), Plans of Action & Milestones (POA&M), all other artifacts and documentation tied to the NIST processes. You will provide support to maintain a strong cybersecurity posture for the system until its disposal.

  • Build, maintain, and track system's cybersecurity baselines via eMASS or equivalent, IAW cybersecurity policies, guidance and plans.
  • Review, assess, create, and update enclave documentation in eMASS and any Configuration Management (CM) system for the ISSM review and approval.
  • Identify, collect, review, and maintain RMF required artifacts IAW cybersecurity policies, guidance and plans.
  • Ensure accurate system documentation and configuration logs are maintained to reflect current and prior configuration baselines.
  • Provide written evaluations portraying system progress on RMF compliance IAW cybersecurity guidance (one evaluation for each system per quarter).
  • Maintain cybersecurity data for systems registered in the ITIPS IAW FISMA requirements.
  • Conduct and/or report annual FISMA security reviews, contingency test completion dates, and validation of cybersecurity control compliance.
  • Conduct annual control validations (ACVs) for all NC3 systems IAW AF Global Strike Command (AFGSC) cybersecurity guidance.
  • Create and maintain mission common control packages and serve as the common control provider for each mission systems.
  • Create and maintain Authority-to-Connect (ATC) guest system packages in eMASS for non-USSF systems connected to SMC/ECP systems.
  • Ensure the required Cybersecurity functional activities and actions during the systems' O&S phase are conducted IAW Cybersecurity related laws and regulations.
  • Improving Critical Infrastructure Cybersecurity and Resilience including policies, standards, special publications, instructions and guidance from the DoD, Military, NIST, CNSS, Defense Information Systems Agency (DISA), and Department of the AF (DAF).
  • Participate in the system's IPTs and sustainment contractor meetings/teleconferences, change control boards (CCBs) and working groups (WGs).
  • Evaluate system's sources of changes and determine the security impacts of proposed or actual changes to the system.
  • Review and provide inputs to modification packages, program/system documents and support agreements updates.
  • Review system's test plans and test results and if necessary observe system testing for security control implementation.
  • Document all findings. Perform security impact analysis on any system change.
  • Monitor and adhere to the system's A&A schedule deadlines IAW the Program Office's Cybersecurity Plan.
  • Review annually and provide recommended updates to program cybersecurity policies and plans IAW cybersecurity guidance.
  • Review and provide advice on RMF related memorandums of agreements/ memorandums of understanding/ service level agreements/ interconnection service agreements for RMF compliance.
  • Assist with the cybersecurity vulnerability management plan and risk assessment capability.
  • Receive and review ACAS and SCC reports from the sustainment contractor for each system quarterly.

Qualifications

Required Qualifications:

  • Active DOD Secret clearance
  • High School diploma with 6+ years of experience including 2+ years of experience in performing IAT level II or IAM level II functions
  • Associates degree can be substituted for 2 years of experience and a Bachelor's degree may be substituted for 6 years of experience
  • Experience with DoD RMF functions and Processes and/or DISA IASE
  • IAT or IAM Level 2 Certification per DoD 8570.01M

Desired Qualifications:

  • Experience with XACTA, FISMA, eMASS and/or ITIPS
  • Bachelor's degree
  • TS/SCI Clearance

At SPA, we strive to deliver a robust total compensation package that will attract and retain top talent. Elements of the compensation package include competitive base pay and variable compensation opportunities.

SPA provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work.

Please note that the salary information shown below is a general guideline only. Salaries are commensurate with experience and qualifications, as well as market and business considerations. Colorado Pay Transparency Range: 85k - 95k.

#J-18808-Ljbffr