Procession Systems 354- Cyber Analyst in Aberdeen, Maryland
354- Cyber Analyst
Posted 2 weeks ago
Develop Cyber Security documentation validating software quality, security, reliability and maintainability attributes. Identify gaps in Cyber Security/CND posture and assess risks
Participate in development and review of DIACAP/RMF documentation, Networthiness Documentation, and ensure STIG compliance and validation.
Provide quality assurance specialist support including formulating, coordinating, directing, and executing all quality assurance policies, tools, and training programs; conducting internal controls reviews to ensure product assurance competency and the effectiveness of surveillance activities.
Develop strategies, goals, tasks, roles, responsibilities, and information needs for Cyber Security surveillance and oversight.
Review information systems for compliance with applicable DoDI 8500.01 and DoDI 8510.01
Provide IS security advice and guidance in accordance with applicable regulations, and directives and guidance to Government and DoD partners for the protection of data at all classification levels including SCI.
Evaluate and recommend approval, disapproval, or waiver(s) for IS processing national security data.
Provide input or consideration in the promulgation of future security policy.
Support and/or conduct site visits and assessments to inspect and verify IS reports and plans at various locations, and provide a written report for review and approval.
Prepare reports and memoranda, to include, but not limited to: Memoranda for the Record (MFR), Memoranda of Agreement (MOA), Authorization To Proceed, and status and technical briefs for review and approval by government Cyber Security.
Update data on Government-provided databases with current information about IS status.
Prepare, review, and record notification and status messages to indicate A&A state of systems to system owner or programs.
Ensure IS security requirements, including applicable RMF directives and guidance, are addressed and applied; appropriate documentation prepared by the system owners or programs inclusive of the Security Assessment Package, Concept of Operations (CONOPS) Plan, System Security Plans, System Requirements Traceability Matrix, Risk Management Matrix, Test Results, interface control documents, requests for changes, test plans, and other related program security documentation.
Track completion of the Security Assessment Package and report status.
Provide preparation of the Security Assessment Report (SAR). The SAR contents include, but not limited to, the Summary of Assessment results and Authorization Recommendation.
5 years of experience
Bachelor’s degree; may be substituted with years of experience as follows:
3 years of experience and a Master’s degree
0 years of experience and a PhD
ActiveTop Secret/SCISecurity Clearance