Cybersecurity Systems Analyst

Company: Attain
Location: Aurora
Posted on: February 23, 2021

Job Description:

Who We Seek:

• Passion Seekers. You genuinely care about the work that you do and its impact on society.
• Self-Starters.You're a go-getter who isn't afraid to step up and disrupt the status quo.
• Entrepreneurs.You bring fresh ideas to the table, work hard, develop business and consistently seek new challenges.
• Collaborators.You're a great contributor to a high performing team that accomplishes great feats for our clients. What You Will Do: The Cybersecurity Systems Analyst will assist in the RMF Continuous Monitoring activities of the program to ensure that operating systems (OS), networking, and infrastructure components are compliant with the NIST 800-53 controls, and program policies and procedures. Specifically, this involves the implementation and utilization of various monitoring strategies and the delivery of the results to Leadership in a timely manner. There will be collaboration with other teams (application, database, and third party administrators, Program Management Office, Leadership, and the end-user community). This full-time position will report to the Information System Security Officer.
  • Working with third party hosting provider to ensure OS compliance and to enhance the security posture of the program.
  • Monitor systems for compliance and IA activities necessary to protect data from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.
  • Develop, update and enforce policies, procedures and standards dictated by guidelines produced by government and program mandates.
  • Gather system and security controls documentation and evidence.
  • Track vulnerabilities by creating and monitoring POA&Ms.
  • Report on Information Assurance Vulnerability Alerts (IAVA) and monitor for timely completion.
  • Create automated STIG configuration checks that result in non-compliance notifications.
  • Perform periodic self-assessment across all applications and track open vulnerabilities.
  • Advise on secure implementation strategies for relevant projects.
    
    Required Skills:
    • 5+ years of IT working experience with Solaris and Linux operating system services and security. Windows OS experience a plus.
    • Familiarity with end point security products such as HBSS, HIPS, GPOs, etc.
    • Understanding of networking fundamentals such as TCPIP, subnets, firewalls, protocols and services, etc.
    • Working knowledge of OS security topics such as vendor patching methodologies, auditing configurations, interpreting ACAS/Nessus reports, etc.
    • DoD OS STIG experience preferred
    • DoD Public Key Infrastructure (PKI) - server certificates, person and non-person entities, user authentication, etc.
      
      General Qualifications:
      • Government Clearance preferred
      • Education/Certification
        • Bachelor's degree from an accredited university in a related field (computer science, engineering, or information systems).
          • May substitute 15 years of experience for a bachelor's degree.
          • Candidates MUST have or be able to obtain a Security+ certification within 6 months of hire date.
          • Communication
            • College-level communications (both oral and written). It is essential to adapt the content delivery based on the target audience (management vs. technicians). Must be able to review and write technical policies and standard operating procedures.
            • Organization and Attention To Detail
              • Excellent organization and attention to detail in tracking and reporting compliance activity and trend analysis of enterprise vulnerabilities. Able to manage several tasks concurrently and prioritize tasks. Desired Skills:
                • Cloud Services experience such as AWS, Azure, and Google Cloud Platform
                • Understanding of security frameworks such as the NIST 800-53 security controls, RMF, DIACAP, etc.
                • Experience with internal and/or external audits and providing artifacts/evidence
                • Working experience with eMASS
                • Data analysis and reporting with Splunk
                • Demonstrated ability to build trusted advisor relationships with clients
                • Experience supporting sales and business development
                • Experience with financial management
                  
                  Years of Experience: 5+ Certifications: MUST have or be able to obtain a Security+ certification within 6 months of hire date. Minimum Education Required: Bachelor's Degree Due to Federal Requirements, can be considered About Us: Attain is a place for great ideas and the people who have them. As a digital solutions, management, and strategy consulting firm, our professionals provide innovative solutions to revolutionize government, education, health, and nonprofit organizations and positively impact those they serve. We are business analysts, technologists, digital strategists, managers of change, and forward thinkers, with the entrepreneurial drive to shape the future. With a nationwide presence, our team is in 40 states and the District of Columbia. Visit to explore your path forward with Attain. Attain is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. Applicants have rights under Federal Employment Laws. For more information on Equal Employment Opportunity visit EEO and EEO Poster Supplement , Family and Medical Leave Act (FMLA) , Employee Polygraph Protection Act (EPPA) . - provided by Dice

Keywords: Attain, Aurora , Cybersecurity Systems Analyst, Professions , Aurora, Colorado