Cybersecurity Analyst
Fort Belvoir, VA

Job Description

TIAG is currently hiring a Cybersecurity Analyst to join our team in Fort Belvoir, VA supporting the Regional Health Command-Atlantic. This position requires that the candidate have active Public Trust clearance.

Responsibilities Include:

* Perform IT security assessments and develop certification and accreditation plans for RHCA and its Medical Treatment Facilities (MTF).
* Assist MTF's with conversion from DIACAP to RMF.
* Review, analyze, and provide guidance for Information Assurance Vulnerability Management compliance scans on networks & computing devices.
* Evaluate Regional Computer Emergency Response Team-Continental US (RCERT-CONUS) and Army Computer Emergency Response Team (ACERT) alerts and provide local assessments of vulnerability to IAM and local DOIM management.
* Interpret and apply Defense Information Systems Agency (DISA) Security Template Implementation Guide (STIG).
* Provide map and gap of sites from DIACAP to RMF and uploading into eMASS.
* Provide technical, administrative direction, and review for Information Assurance (IA) and Security controls in eMASS as it pertains to RMF for MTFs throughout the region and for Systems.
* Identify industry accepted standards, IT standards for validated data, access control, roles definition, authentication methods and apply to existing systems.
* Review and assess existing networks and systems to identify and understand vulnerabilities in order to create a POAM or work with the technical team to mitigate the vulnerability. Assess the system or network to ensure that it has been STIGd appropriately to operate on the DoD or Army network according to Army and DoD Cyber Security Standards.
* Contribute to research and analysis, and translate security policy and requirements to define best methods and practices.
* Provide technical guidance on implementation of security mechanisms and controls.
* Develop System Security documentation, including FIPS-199 determination, e-Authentication, privacy threshold analysis, privacy impact assessment, system security plans (SSP), IA policies, Rules of Behavior, security test and evaluation (ST&E) plans, risk assessment plans and reports, business continuity plans, disaster recovery plans, incident response plans, contingency plan, contingency plan test report, plans of action and milestones (POA&M) development, exception and waiver letters development, annual security control self-assessment, and continuous monitoring activities.
* Participate in systems analysis, systems development, and information technology program management.
* Participate in the development of electronic commerce systems or electronic government projects, including development of agency policies and procedures.
* Work closely with project managers and senior technical leads to ensure work meets client objectives.
* Participate in the preparation of project briefings and reports.
* Present oral reports/briefings.
* Develop/contribute to guidelines/plans/policies, analyses and reviews that require IA expertise in the areas of security incident response, IA ticket assignment, tracking and response, vulnerability scans, security assessments, accreditation/certification.

Required Experience and Skills:

* Bachelors degree in Information Systems and three (3) years of Information OR (5) years of experience with System Administration and/or Cyber Security
* Technology experience or five (5) years technical experience with Cyber Security
* Security+ certification
* Knowledge of EMASS.
* Knowledge of IAVM Reporting
* Knowledge of Operation Order (OPORD) Evaluation and Implementation
* Knowledge of Assured Compliance Assessment Solution (ACAS)
* Knowledge of Security Content Automation Protocol (SCAP)