Sumaria Systems, Inc. PROP - Cybersecurity Analyst in Rome, New York
PROP - Cybersecurity Analyst
Department: Information Technology Division
Office: Rome NY/AFRL
Location: Rome , NY
START YOUR APPLICATION
CONTINGENT ON CONTRACT AWARD
Job Title: Cybersecurity Analyst
Job Description: Deliver Cybersecurity (T&M): Provide cybersecurity measures, secure systems and ensure compliance.
Provide Computer Network Defense (CND) support IAW Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01B Cyber Incident Handling Program. Identify, implement, and ensure full integration of IA into all phases of acquisition, upgrade, or modification of Enterprise programs, including initial design, development, testing, fielding, operation, and sustainment.
Implement and enforce Air Force IA policies and procedures using applicable DOD and AF IA publications. Ensure IT is operated, used, maintained and disposed of properly. Ensure that personnel accessing information systems have the proper and current IA certification to perform IA functions in accordance with AFMAN 17-1303 Information Assurance Workforce Improvement Program. Meet the applicable IA certification requirements, including DoD-approved IA workforce certifications appropriate for each category and level as listed in the current version of DoD 8570.01-M; and appropriate operating system certification for IA technical positions. Upon request by the Government, provide documentation supporting the IA certification status of Contractor personnel performing IA functions. Contractor personnel who do not have proper and current certifications shall be denied access to DOD information systems for the purpose of performing IA functions. Maintain currency in all applicable Federal policies, directives, guidelines and best practices. Identify and recommend changes to business process as new or rescinded guidance is approved. Comply with all applicable directives, regulations, policies, checklists, and authoritative DISA Security Technical Implementation Guides (STIGs). Coordinate with appointed functional representatives (e.g. Information Assurance Officer (IAO), Information System Security Officer (ISSO), Staff Agency Security Manager (SASMs), Computer System Administrators (CSAs), CSTs) to address and resolve issues related to compliance with Cybersecurity requirements or any impacts affecting the overall security posture.
Provide guidance on performing risk assessments, implementation of security controls, and the overall Certification and Accreditation (C&A) process to customers and user base. Provide initial and recurring training on usage of DOD and AF applications used in the submission, tracking, and feedback of C&A packages (e.g. eMass). Manage, implement, and execute local IA Training Education (IATE) programs. Identify impacts from applicable regulations, instructions, policies, and other Government documentation. Ensure all users are provided with appropriate privacy and security notices to include statements informing them they are subject to monitoring, recording and auditing. Comply with any additional Notice of Consent to Monitoring requirements identified by the Government Point of Contact (POC). Implement and sustain Remnant security processes to protect the confidentiality of information on Information Systems (ISs). Methods to protect confidentiality include sanitization, overwriting, and destruction. Each method provides specific levels of information protection. All documents, equipment, and machine-readable media containing sensitive or classified data shall be cleared, sanitized, or destroyed before release to unauthorized personnel or outside DoD control (outside its security domain) according to AFMAN 17-1301, Chapter 5, Remnant Security, and AFI 31- 401.
Provide recommendations for hardware and software purchases including budget inputs, end of year funding proposals, End Of Life (EOL) refresh, technology refresh, upgrades/enhancements, warranty service and maintenance service contracts, sole source or brand name justification documentation. Insure all software for use on Air Force networks has been evaluated and certified/assessed by the appropriate Security Control Assessor (SCA). Compliance Tracking (CT): Serve as the primary interface with external Government and military organizations that provide Cybersecurity compliance mandates and validation. Review, assign, disseminate and track compliance notifications through their respective tracking systems. Provide assistance and support to system owners or responsible parties to remediate findings and submit response to issuing organization by suspense date identified in compliance notification. Establish and document a Plan of Action and Milestones (POA&M) to resolve non- compliant issues exceeding the suspense date.
Vulnerability Assessment (T&M): Provide the discovery and management of vulnerabilities on all IT assets and network enclaves. Vulnerability management functions are clarified by patch management and scanning. Perform vulnerability assessments on all IT assets, both hardware and software-based components, and systems connected to operational networks on a daily basis. Identify and perform actions to remediate vulnerable or non-compliant systems connected to the operational network to include disconnecting, isolating, and denying future network connectivity. Notify the system owner(s) and provide details of affected systems, their violations, and the impacts and ramifications of non-compliance.
Assess and validate the implementation of security controls necessary for the level of protection appropriate or otherwise required for a particular system(s). Identify and remediate systems connected without proper authority. Leverage DOD and AF provided tool suites (e.g. Shavlik, Tenable) to create custom testing and assessment procedures where no automated tool is available. Develop and provide initial and recurring training to authorized users that perform assessments and compliance checking. Identify and recommend additional tools or applications that will increase the efficiency and productivity in performing assessment activities. Upon approval, install, operate, maintain and provide basic user training on the tool/application.
Perform initial vulnerability scans and assessment of a system connecting to the network within the first 24 hours. Coordinate deployment schedule with system owner. Identify and assist system owners in remediating insecure configurations by providing guidance on STIGs and information security best practices. Provide the Government Information System Security Manager (ISSM) a weekly report summarizing any discovered vulnerabilities, responsible/responding parties, impacts, remediation steps and deadline. Comply with remediation schedule for the level identified: Critical-ASAP, High-3 workdays, Medium-7 workdays, Low-90 days. Scan the affected system(s) until vulnerability is corrected. For systems that cannot meet remediation, document and recommend to the ISSM a POA&M or system isolation/disablement.
Incident Response (T&M): Provide incident response for network monitoring and intrusion detection. Notify the Government ISSM immediately when a significant event (Category 1 or 2) (e.g. intrusion or breach) has occurred or vulnerability is discovered that severely impacts the overall security posture of the operational networks. Coordinate and staff responses to incident handling to Integrated Network Operations and Security Center (INOSC), 624th OC, USCYBERCOM, their delegates and other authorized federal agencies. Investigate improper, abusive, or misuse of IT assets IAW applicable DOD and AF policies and guidance. Upon discovery or receipt of notification from external organization/agency, analyze affected computer systems and gather digital evidence in support of objectives provided by the ISSM or authorities. Investigate each potential incident to determine the following, but not limited to whether or not a compromise has occurred, its severity category, the timeline/sequence of events, all corresponding vulnerabilities and attack vectors, the responsible system owner(s), and current status of C&A approval along with the latest assessment prior to occurrence of the incident. Coordinate with affected users and system owners to implement remediation plan and submit to the ISSM for approval.
Monitoring and Intrusion Detection (M&ID):
Provide Ports, Protocols, and Services (PPS): (T&M): Manage PPS requirements for networks at AFRL/RI IAW AF requirements. Adhere to the requirements for the design, documentation, approval, registration, and implementation of PPS across Air Force enclave boundaries according to Air Force System Security Instruction (AFSSI) 8551, Ports, Protocols, and Services (PPS) Management.
Security Baseline and Boundary Protection (T&M):
Provide and manage the creation and maintenance of a security baseline for systems on the AFRL/RI network(s) to include boundary, firewalls and Intrusion Protection System (IPS) management.
Provides support in all areas of project requirements.
Certifications Required: Security+, Window/Linus Server
Education: Bachelor-s degree, Education requirement may be waived for exceptionally qualified personnel.
Year-s Experience: 3 - 6 years of experience
Security Clearance Required: must have an ACTIVE Secret Security Clearance
Position Type: Full Time
Work Location: Rome Research Site, Rome NY
Top salaries paid for qualified candidates.
For more information on Sumaria Systems, please visit our website at www.sumariasystems.com
Sumaria is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, age, disability, or Vietnam era, or other eligible veteran status, or any other protected factor.
Sumaria Systems, Inc. (Sumaria) is a market leader in Professional Services, Engineering, and Information Technology has been a trusted partner to U. S. Department of Defense communities for more than 30 years. With expertise to lead, insight to deliver and commitment to succeed; we staff each mission with a carefully selected team of seasoned professionals. Headquartered in Danvers, MA, with operating locations in Alabama, Colorado, Georgia, Illinois, Ohio, Oklahoma, Utah, and Virginia