AOS Cyber Risk Management Analyst
Company: ANALYGENCE Inc
Location: Hampton
Posted on: March 16, 2023
Job Description:
Company Description
ANALYGENCE, Inc. (ANALYGENCE) is a Disadvantaged, Veteran-Owned
professional services small business established in 2010 on the
principle of providing our customers with results driven
professionals that understand the dynamic customer environment and
can be relied upon to help them achieve their objectives.
ANALYGENCE works with customers to develop and execute innovative
strategies to improve processes and achieve customer goals. Our
people are service-oriented professionals with varying military,
government and industry backgrounds, who understand the level of
commitment and flexibility it takes to progress customers forward
in a dynamic work environment. We cater to the specific needs of
each individual customer to help them lay out a path for
success.
Job Description
ANALYGENCE is seeking cleared Cyber Professionals who want to
thrive in a growing company. We provide support to Headquarters Air
Combat Command (HQ ACC) at Langley Air Force Base, Virginia which
includes a full range of Information Warfare training and
operations, Information Systems & Operations, Communications,
Administrative Support, and Knowledge Based Services across the
air, space, and cyber domains. Relocation Assistance available for
well-qualified candidates.
The AOS Cyber Security/Risk Management Support role will provide
provide AOS proper implementation and sustainment of DoD
cybersecurity and Risk Management Framework (RMF) requirements and
authorization to operate for AOS unique software.
- Develop and Maintain Security Plan for AOS Domain Enclave of
the Air Force Enterprise
- Develop a Security Assessment Plan for AOS domain enclave of
the Air Force Enterprise within Enterprise Mission Assurance
Support Service (eMASS), describing the objectives of the security
control assessment and providing a detailed roadmap for performing
the assessment, to include:
- AOS System Security Plan
- Security Assessment Report
- Risk Assessment Report (RAR)
- Up-to-date POA&M
- Monitor and track execution of POA&M for AOS in order to
identify and monitor corrective action for weaknesses and
deficiencies found during security assessment.
- Perform required cybersecurity analyst (CSA) RMF process steps
for the AOS domain enclave of the Air Force Enterprise (CARP/ADIS),
to include: Categorize System, Select Security Controls, Implement
Security Controls, and Assess Security Controls. Review and
adjudicate system security categorizations decisions for the AOS as
well as final security control sets.
- Review the Security Plan and System Level Continuous Monitoring
Strategy for the AOS domain enclave of the Air Force
Enterprise.
- Provide guidance to AOS on RMF processes and procedures for the
AOS domain enclave of the Air Force Enterprise.
- Categorize and Describe Information Systems in the following
Capacities:
- Categorize Information System - Categorize the information
system and document the results of the security categorization in
the security plan.
- Provide guidance to AOS Stakeholders on the RMF assessment
process.
- Support AOS in embedding cybersecurity and the Risk Management
Framework actions and checkpoints into the appropriate point in the
AOS System Life Cycle (SLC) Management Policy; develop tools,
procedures and templates to support CS and RMF execution under the
SLC.
- Submit status reports on open action items (to include
projected completion dates), issues/concerns and lessons learned.
Reports are to be provided by the 10th of each month
- Perform all required CSA RMF process steps for the AOS domain
enclave of the Air Force Enterprise, to include: Categorize System,
Select Security Controls, Implement Security Controls, and Assess
Security Controls.
- Assess approved technical and non-technical security features
of AOS domain enclave of the Air Force Enterprise to address known
threats and vulnerabilities. The assessment must consider and
identify impacts as well as consideration of existing risk
mitigation strategies.
- Act as an independent and impartial assessor to determine and
certify aggregate cybersecurity risk for recommendations for AOS
domain enclave of the Air Force Enterprise
- Complete Checkpoints (as described in Appendix K of Risk
Management Framework Process Guide, Version 2.0, 4 August 2017) for
the CARP/ADIS and provide recommendations for the Security
Assessment Plan, ensuring all appropriate security controls will be
assessed for compliance.
- Provide quality assurance of an RMF Security Assessment Plan
related to cybersecurity risk for the AOS domain enclave of the Air
Force Enterprise. Qualifications
- Must have current Secret eligibility.
- Minimum 3 years of experience in cybersecurity documentation
and system authorization artifacts (System Security Plan, lifecycle
documentation, continuous monitoring plan, Security Assessment
Plan, Security Assessment Report, Risk Assessment, etc.).
- Possess Information Assurance Management (IAM) level III (DoD
8570.01). It is desired that the contractor possess the Certified
Information Systems Security Professional (CISSP) status. However,
any of the other DoD-approved IA management level III baseline
certifications are suitable for this task.
- Knowledgeable in DoD Information Assurance Certification &
Accreditation Process (DIACAP), RMF and NIST experience in security
control assessments and risk assessments.
- Possess strong technical writing skills.
Additional Information
ANALYGENCE, Inc. is committed to hiring and retaining a diverse
workforce. We are proud to be an Equal Opportunity/Affirmative
Action Employer, making decision without regard to race, color,
religion, creed, sex, sexual orientation, gender identity, marital
status, national origin, age, veteran status, disability, or any
other protected class.
Keywords: ANALYGENCE Inc, Hampton , AOS Cyber Risk Management Analyst, Professions , Hampton, Virginia
Didn't find what you're looking for? Search again!
Loading more jobs...