SRA International, Inc., A CSRA Company Cyber Security Analyst in Pensacola, Florida
Clearance Level Must Currently Possess:
Clearance Level Must Be Able to Obtain:
No Suitability Required
Candidate should be familiar with Risk Management Framework, RMF/A&A is replacing DIACAP/C&A processes for accreditation's. Applies knowledge of current IA policy at the national IA structure; roles
of major organizations how they interrelate and interact, and shortcomings in this structure.
Reviews and recommends IA solutions to customer problems based on an understanding of how products and services interrelate and support the IA mission and the viewpoints of the consumers of those products and services. Analyzes and recommends resolution of IA problems based on knowledge of the
major IA products and services, an understanding of their limitations, and a working knowledge of the disciplines of IA.
Input pertinent IA data posture information, inclusive of acknowledgement and corrective actions taken, into both eMASS and VRAM. This would include scans, asset baselines, configurations, POAMs, IAV, CTO, FRAGO, EXORD, WARNORD, SCAP, and STIG compliance Review Information Assurance Vulnerability Alerts (IAVAs), Information Assurance Vulnerability Bulletins (IAVBs) and other identified security vulnerabilities in the unclassified and classified environments.
Coordinate IAVAs, IAVBs and fixes with the Infrastructure Support network, system and database administrators as well as maintaining IAVA and IAVB status in VRAM and eMASS as required.
Direct the testing of each software patch released with an IAVA, IAVB or other security patch to ensure it will not adversely impact the functionality of the network(s) and applications(s). Input pertinent IA data posture information, inclusive of acknowledgement and corrective actions taken, into both eMASS and VRAM. This would include scans, asset baselines, configurations, POAMs, IAV, CTO, FRAGO, EXORD, WARNORD, SCAP, and STIG compliance.
Implement security procedures and patches as required and update all system and configuration management documentation to reflect the software patches. Review installed Hardware and Software to ensure all DADMS compliance measures are satisfied.
Ensure the IAVAs, IAVBs and other security vulnerabilities are coordinated with the MSC IA Team and corrected by the compliance due date. Support the Afloat IAM regarding system vulnerability and status of fixes (number done, estimated time to completion, etc.) and provide information to complete the required mitigation plan if the compliance due date cannot be met. The information provided as part of the mitigation plan must include the reason for the mitigation plan, number of affected assets, estimated completion date for fixing the vulnerability, and a description of the mitigating controls being implemented to manage the vulnerability until the actual documented fix is implemented.
Accomplish IA vulnerability scanning of the local ATAC network using approved IA tools (e.g. ACAS). Direct the correction/mitigation of all identified vulnerabilities. Update eMASS and VRAM with all required data afterwards. Assist with research, data gathering, data collation for ad hoc reports, data calls and special projects. Assist with other special projects and duties as assigned.
Work with Networks team on preparing documentation as required for Accreditation efforts.. This would include creating, requesting, modifying existing, and uploading OV-1 through OV-3 drawings, SV-1 through SV-4
drawings, boundary diagrams, systems block diagrams, Ports and protocol listings, etc. Coordinate with the MSC IA Team towards satisfaction of all mandated tasking.
BS or equivalent + 2 yrs related experience, or MS + 0 yrs experience
IAM Level I required
Secret clearance is required to start work
May substitute experience for degree.
Must be knowledgeable on VRAM and eMASS systems.
Must be knowledgeable on ACAS scanning and review of output data. Actual hand-on experience with running ACAS scans on distributed networks is preferred.
Should understand DADMS concepts and policies.
Has and can apply, in an operational setting, knowledge of DoD IA products and services, an understanding of their limitations and a working knowledge of the disciplines of IA, as well as the generalized knowledge of the underlying Operating Systems and/or COTS/GOTS/Custom S/W and its peculiarities. Applies knowledge of current IA policy, tactics, techniques, policy, and doctrine, and relationship to IA reporting requirements and structure.
Knowledge of, familiarity and experience with Microsoft Server 2003, 2008, 2012 and Windows 7/10; networks, servers, routers, printers, associated and related hardware, software, and peripheral devices
# of Openings:
Scheduled Weekly Hours:
T elecommuting Options:
Telecommuting Not Allowed
USA FL Pensacola - 130 West Ave, Bldg 603, Rm 335B (FLC012)
Additional Work Locations:
CSRA is committed to creating a diverse environment and is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
THINK NEXT. NOW.
CSRA is tomorrow’s thinking, today. To “Think Next. Now.” is to imagine a better future and to deliver it, today. For our customers, our partners, and ultimately, all the people our mission touches, CSRA is realizing the promise of technology to change the world through next-generation thinking and meaningful results.
We understand that our customers' missions require new methods and imaginative thinking. We bring together government IT professionals, emerging technologies, and the brightest, cutting-edge advisors in the industry to deliver a broad range of innovative, next-generation IT solutions and professional services to help our customers modernize their legacy systems, protect their networks and assets, and improve the effectiveness and efficiency of mission-critical functions for our warfighters and our citizens.
Everywhere you look, CSRA is there. We’re in our nation’s infrastructure, in training and education, in cyber security, in serving veterans who served us—and, so much more. Take some time to learn more about CSRA. You might be surprised to learn how we touch your life.
We are a company of 18,000+ smart, talented individuals, yet we enjoy a start-up culture that inspires us to make a difference while delivering results in this rapidly evolving world. Join our team and use your skills and expertise to support the safety, security, health and well-being of the nation.