We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
#alert
Back to search results

Cybersecurity Analyst

Spectra Tech, Inc.
United States, Pennsylvania, West Mifflin
Nov 12, 2024

Spectra Tech has an immediate need for a Cybersecurity Analyst.

Job Description:
The Naval Nuclear Laboratory develops advanced naval nuclear propulsion technology for the safety and reliability of our Navy's
submarine and aircraft fleet. Our company is looking for a Cybersecurity subcontractor professional to join our team. The
subcontractor will be responsible for execution of all aspects of the National Institute of Standards and Technology (NIST) directives
to support the Risk Management Framework (RMF). This includes assisting information system owners with development of System
Security Plans (SSPs) and Security Assessment Reports (SARs) using the existing RSA Archer application on the Naval Nuclear
Propulsion Network (NNPP Net) to support information system authorization. Additionally, the subcontractor will assist in the
development of Plans of Action and Milestone (POA&Ms) and Risk Based Decisions (RBDs) for deficiencies found during the
information system authorization process.
Required Knowledge, Skills, and Abilities:
* At least four years of combined experience in the following roles; security control validator, security control assessor, Information
System Security Officer (ISSO), or Information System Security Manager (ISSM)
* At least two years of experience supporting development of information system security authorization packages in accordance with
Risk Management Framework (NIST 800-37, 800-53, 800-53a)
* At least two years of experience working with Federal Risk and Authorization Management Program (FedRAMP)
* Security+ Certification
Desired Knowledge, Skills, and Abilities:
* Experience with the RSA Archer application
* At least two years of experience working on IT security project teams
* At least one year of experience managing IT projects
* Knowledge of IT infrastructure and services (Data Centers, physical and virtual servers, local and wide area networking
components, cloud Infrastructure/Platform/Software as a Service, etc.)
* Knowledge of security policies such as NIST Special Publications, Security Technical Implementation Guides (STIGs), DOD Cloud
Computing Security Resource Guide (SRG)
* Knowledge of infrastructure security, endpoint protection, vulnerability management tools
* Previous work authorizing information systems within a classified DoE or DoD environment
* Familiarity with NIST 800-171
* Certified Information Systems Security Professional (CISSP) certification
* Certificate of Cloud Security Knowledge (CCSK) certification
Applied = 0

(web-69c66cf95d-jtnrk)