Cybersecurity Compliance Analyst

About the position LEIDOS has an excellent opportunity for an experienced Cybersecurity Compliance Analyst. This position is in support of a Department of Defense (DoD) organization, US EUCOM located OCONUS in Stuttgart, Germany. This position is temporary lasting 4+ months and can be done remotely. More About the Role: We're looking for a motivated candidate to present products and ideas in a business-like manner. The candidate will be required to work in a dynamic fast paced environment that requires team interaction and coordination of efforts. The candidate must be experienced in interfacing with both client managers and system users. Conducts cybersecurity program/system security status assessments and supports the development of Cybersecurity program(s) including the development of policies and procedures in accordance with DoDI 8500.01 Risk Management Framework. Tracks organizational cybersecurity compliance, ensures necessary remediation needs are communicated, tracks remediation through completion and ensures necessary cybersecurity documentation is accurate and in order. Responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by information systems to determine the overall effectiveness of the controls. Prepares for, assists with, and monitors cyber assessments (staff assistance visits [SAV], Command Cyber Operations Readiness Inspections [CCORI], NSA Red and Blue Team assessments, vulnerability scans, assessment and authorization [A&A] reviews). Develops technical standards (SOPTTPs, technical implementation instructions, or other required documentation) for security focused processes, security operations and other operations as required for Government approval. Works closely with defensive cybersecurity operation (DCO) teams to identify, monitor and respond to cyber eventsincidents from discovery to closure as a part of the local incident response policies. Interacts with customers, IT staff, and high-level military officials to assist in defining and achieving required cybersecurity objectives for the organization. Conduct Risk Assessments, determine the risk to operations, and provide risk recommendations to the customer after reviewing a system’s overall risk posture as part of the Security Authorization (Authority to OperateConnect) process. Through basic understanding of network security fundamentals, LANWAN switching technologies, routing technologies, infrastructure security technologies and services, reviews network architecture diagrams for cybersecurity compliance. Responsible for assessing and authorizing the use of software and hardware across multiple enterprise networks. Must have experience implementing with the following policies: DODI 8510.01 Risk Management Framework (RMF) for DoD Information Technology CJCSI 6510.01F Assurance (IA) and Computer Network Defense (CND) CNSSI 1253 Security Categorization and Control Selection for National Security Systems CJCSM 6510.01B Cyber Incident Handling Program DODD 8140.01 Cyberspace Workforce Management CJCSI 6211.02D Defense Information Systems Network (DISN): Policy and Responsibilities JFHQ-DODIN TASKORDS, OPORDS, WARNORDS and GENADMINS

Responsibilities

• Conducts cybersecurity program/system security status assessments and supports the development of Cybersecurity program(s) including the development of policies and procedures in accordance with DoDI 8500.01 Risk Management Framework.
• Tracks organizational cybersecurity compliance, ensures necessary remediation needs are communicated, tracks remediation through completion and ensures necessary cybersecurity documentation is accurate and in order.
• Responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by information systems to determine the overall effectiveness of the controls.
• Prepares for, assists with, and monitors cyber assessments (staff assistance visits [SAV], Command Cyber Operations Readiness Inspections [CCORI], NSA Red and Blue Team assessments, vulnerability scans, assessment and authorization [A&A] reviews).
• Develops technical standards (SOPTTPs, technical implementation instructions, or other required documentation) for security focused processes, security operations and other operations as required for Government approval.
• Works closely with defensive cybersecurity operation (DCO) teams to identify, monitor and respond to cyber eventsincidents from discovery to closure as a part of the local incident response policies.
• Interacts with customers, IT staff, and high-level military officials to assist in defining and achieving required cybersecurity objectives for the organization.
• Conduct Risk Assessments, determine the risk to operations, and provide risk recommendations to the customer after reviewing a system’s overall risk posture as part of the Security Authorization (Authority to OperateConnect) process.
• Through basic understanding of network security fundamentals, LANWAN switching technologies, routing technologies, infrastructure security technologies and services, reviews network architecture diagrams for cybersecurity compliance.
• Responsible for assessing and authorizing the use of software and hardware across multiple enterprise networks.
• Must have experience implementing with the following policies: DODI 8510.01 Risk Management Framework (RMF) for DoD Information Technology CJCSI 6510.01F Assurance (IA) and Computer Network Defense (CND) CNSSI 1253 Security Categorization and Control Selection for National Security Systems CJCSM 6510.01B Cyber Incident Handling Program DODD 8140.01 Cyberspace Workforce Management CJCSI 6211.02D Defense Information Systems Network (DISN): Policy and Responsibilities JFHQ-DODIN TASKORDS, OPORDS, WARNORDS and GENADMINS

Requirements

• At least 3 years of supervisory and technical management experience in Cybersecurity
• Currently hold an adjudicated Secret Clearance and qualify for a TS/SCI clearance
• BA/BS + 8 years recent specialized or AA/AS +10 years recent specialized or a major cert + 12 years recent specialized or 14 years of recent specialized experience
• DoD 8570 IAM III and IAT II Baseline Certification
• Knowledge of DoD IT RMF, USCYBERCOM, and JFHQ-DoDIN
• Advanced Proficiency in Microsoft Office Suite products (Word, Excel, PowerPoint)

Nice-to-haves

• Microsoft Azure Certification (Server Administration)
• Cisco Certified Network / CyberOps Associate
• RedHat Certification Associate
• Proficiency with Microsoft SCCM and/or other automatic reporting tools
• Proficiency with PowerBI
• Experience with ElasticSearch and Splunk
• Adaptable to changing circumstances and operational needs
• Understanding of Department of Defense Military standards
• Experience with DoD IT security requirements
• Experience managing asset accuracy to Critical Success Factors (CSF)
• DoD 8570.01 Certification Compliance (CISSP, ISSEP, CISM)
• CITS3

Benefits

• Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers.
• Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement.
• More details are available here.

Apply tot his job Apply To this Job