SC Works IT Jobs

Job Information

H2 Performance Consulting Senior Cyber Security Analyst-NQV II-III - 20.0002.190 in Charleston, South Carolina

H2 Performance Consulting is subject to the Vietnam Era Veteran's Readjustment Assistance Act as a Federal Contractor and is an Equal Opportunity/Affirmative Action Employer and strives to build a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status or disability status. Additionally, as mandated under Executive order 12989, H2 is required to verify employment eligibility of selected candidates through the Department of Labors - E-Verify.H2 Performance Consulting (H2) is seeking a highly skilled individual to serve as a Sr. Cyber Security Analyst NQV II-III to provide cyber security support to the Enterprise Systems and Services (E2S). E2S, also known as PMW 250, develops and implements reliable, efficient and secure business information technology (IT) solutions. Established in early 2017, E2S supports a wide array of Navy, Marine Corps and other DoD customers. The ideal candidate will have experience with Navy eMASS and doing RMF packages (Cloud experience preferred); is very detailed oriented with strong written and oral communication skills; and excels with proper handling and protection of sensitive information, etc.Responsibilities Ensures the completion of programs, projects or tasks within estimated timeframes and budget constraints; ensures that the quality of the program, project or task deliverable meets the established standards or metrics Provides Cyber Security guidance and documentation throughout the system development life cycle Provides Cyber Security guidance at meetings, briefings and design reviews and during system development in accordance with prevailing Cyber regulations and policies Supports the PM, SCA, ISSM, and ISSE throughout all phases of the security authorization process Performs system security reviews for Assessment and Authorization (AandA) Assists with development and tracking of the POAandM in eMASS Supports RMF Checkpoint and Collaboration meetings Assists with the System Categorization and consults on the SLCM Strategy Develops the Security Plan, Security Assessment Plan, Security Assessment Report, and Executive Summaries Ensures the completion of cyber related programs, projects, or tasks within estimated timeframes and budget constraints Provides Cybersecurity guidance at meetings, briefings and design reviews, and during system development in accordance with prevailing Cyber regulations and policies Ensures Cybersecurity system designs that properly mitigate identified threats and vulnerabilities Reviews and approves test and evaluation activities to validate those threats and vulnerabilities are mitigated Conducts AandA process for IT systems and networks in accordance with the DoN Risk Management Framework process Report package status and risks weekly to senior level government leadershipQualifications Minimum SECRET clearance Minimum 5+ years of experience in Certification and Accreditation (CandA) or Assessment and Authorization (AandA) Approved Navy Qualified Validator (NQV) Level III Expert knowledge of Risk Management Framework (RMF) at the ISSE/NQV level Expert knowledge of eMASS at the ISSE/NQV level BS Degree in Cyber Security/Engineering field (e.g., Computer, Electrical, Mechanical, Systems, Security) Minimum 3+ years experience with independently performing validator activities defined in the Navy RMF process guide and applying RMF guidance to Navy or DoD AandA efforts Experience with test and evaluation for allocating assigned security controls into assessment objectives and procedures, developing and executing Security Assessment Plans (SAP) Expert knowledge and experience with using the DoD Assured Compliance Assessment Solution (ACAS) suite of tools Expert knowledge and experience with vulnerability assessment scanning tools and reporting, intrusion detection technologies, intrusion prevention