Cybersecurity Compliance Analyst Senior

Amentum

20h•$135,000 - $150,000

About The Position

Amentum is seeking a Cybersecurity Compliance Analyst Senior to provide Security Control and Risk Assessments for the Space Force Range Contract (SFRC). Essential Technical and Administrative Cybersecurity Functions: Take direction from and execute the policies and processes established to improve and advance SFRC and cybersecurity across the Western Launch Range Serve as a cybersecurity professional representing SFRC to the government and associated customers. Provide risk and security control assessment Subject Matter Expertise (SME) support to all SFRC departments and work centers as required. Independently complete authenticated scans via Nessus, SCAP Compliance Checker, and others. Conduct IP packet captures, review and access IP traffic, and populate Ports, Protocols, and Services Management (PPSM) documentation. Analyzing network device configuration files, access control lists, and apply appropriate Security Technical Implementation Guide (STIG) settings, and record and report settings in a STIG checklist Keep up to date with new technologies and capabilities to maintain relevant awareness of cybersecurity and information technology advancements Organize, develop, and present briefings, written summaries, and reports incorporating detailed technical data, risk analyses, and courses of action, appropriately tailored to the receiving audience Obtain and maintain a SIPRNet account with continuous access to eMASS, develop broad eMASS expertise, and provide training as needed Safeguard and ensure the integrity of company, customer and government data. Support efforts to transition to updated Risk Management Framework versions as necessary. Develop, modify, and review documentation, analyze the cybersecurity posture and architecture of Range IT systems for compliance with DoD/DOW and NIST policies. Able to acquire and maintain cybersecurity relevant certifications based on DoD 8140 guidance Organizational support across the contract Assist the SFRC Operations and Maintenance (O&M), Engineering, and Business Systems organizations in the development, implementation, inspection, and improvement of cybersecurity requirements Monitor workflow to ensure delivery of products is on time in accordance with requirements. Meet contractual requirements by planning, organizing, and prioritizing multiple projects and initiatives to ensure target dates and goals are achieved. Ensure work products are reviewed prior to release to ensure a quality product and consistency with SFRC operating instructions, policies, procedures, and organizational responsibilities. Develop and maintain procedures and work instructions in accordance with applicable contract Performance Work Statement (PWS) and the Contract Deliverable (CDRL) requirements Work with the cybersecurity manager to identify and analyze performance metrics and collaborate with team members to formulate service improvement recommendations. Provide SME guidance to aid and develop business processes for consistency and efficiency across the SFRC enterprise. Identify issues or process improvements and provide support

Requirements

Self-motivated team player capable of working with minimum direct supervision
Strong organization and time management skills
Strong analytical and problem-solving skills for resolving both technical and cybersecurity issues
Strong interpersonal, communication, and presentation skills for interacting with team members and customers
Ability to work in a team environment
Maintain a professional image
Ability to research policies, procedures, standards, and guidance, and appropriately apply technical settings, always with the mindset of keeping the Range, launch ready
Ability to prepare and execute detailed computer system analysis, including interim and final reports and presentation of analysis data
Eight (8) or more years of experience in information technology, Windows or Linux system administration, networking, or telecommunications
Experience working with: Vulnerability and patch management tools Installation, configuration, and modification for various IT systems: Firewalls and network appliances Application and Operating system software Various computer hardware interfaces e.g., serial, IP, SRIO, etc. Security architectures e.g., Risk Management Framework, Zero Trust, etc. Network hardware operating systems and configurations (Cisco IOS, Juniper JUNOS)
Strong understanding of DoD Cybersecurity Policies and Procedures
Ability to conduct Information Systems vulnerability assessment, risk mitigation, and Plan of Action and Milestone (POA&M) development, and tracking, understanding and application of mitigation strategies
Experience with vulnerability scanning and security settings evaluation software and report functions
Network and/or System Administration technical expertise with Microsoft operating systems, Linux/Unix operating systems, Cisco products, and VMWare/virtualization.
Experience with eMASS and the Authority To Operate (ATO) workflow process

Responsibilities

Take direction from and execute the policies and processes established to improve and advance SFRC and cybersecurity across the Western Launch Range
Serve as a cybersecurity professional representing SFRC to the government and associated customers.
Provide risk and security control assessment Subject Matter Expertise (SME) support to all SFRC departments and work centers as required.
Independently complete authenticated scans via Nessus, SCAP Compliance Checker, and others.
Conduct IP packet captures, review and access IP traffic, and populate Ports, Protocols, and Services Management (PPSM) documentation.
Analyzing network device configuration files, access control lists, and apply appropriate Security Technical Implementation Guide (STIG) settings, and record and report settings in a STIG checklist
Keep up to date with new technologies and capabilities to maintain relevant awareness of cybersecurity and information technology advancements
Organize, develop, and present briefings, written summaries, and reports incorporating detailed technical data, risk analyses, and courses of action, appropriately tailored to the receiving audience
Obtain and maintain a SIPRNet account with continuous access to eMASS, develop broad eMASS expertise, and provide training as needed
Safeguard and ensure the integrity of company, customer and government data.
Support efforts to transition to updated Risk Management Framework versions as necessary.
Develop, modify, and review documentation, analyze the cybersecurity posture and architecture of Range IT systems for compliance with DoD/DOW and NIST policies.
Able to acquire and maintain cybersecurity relevant certifications based on DoD 8140 guidance
Organizational support across the contract
Assist the SFRC Operations and Maintenance (O&M), Engineering, and Business Systems organizations in the development, implementation, inspection, and improvement of cybersecurity requirements
Monitor workflow to ensure delivery of products is on time in accordance with requirements.
Meet contractual requirements by planning, organizing, and prioritizing multiple projects and initiatives to ensure target dates and goals are achieved.
Ensure work products are reviewed prior to release to ensure a quality product and consistency with SFRC operating instructions, policies, procedures, and organizational responsibilities.
Develop and maintain procedures and work instructions in accordance with applicable contract Performance Work Statement (PWS) and the Contract Deliverable (CDRL) requirements
Work with the cybersecurity manager to identify and analyze performance metrics and collaborate with team members to formulate service improvement recommendations.
Provide SME guidance to aid and develop business processes for consistency and efficiency across the SFRC enterprise.
Identify issues or process improvements and provide support