Falconwood, Inc. Headquarters
Location
Stafford, VA | United States
Job description
About Falconwood, Inc:
Falconwood, Inc. is a woman/veteran-owned business providing executive level consultants and programmatic support to Department of Defense (DoD) Information Technology (IT) initiatives and programs.
We provide expert consultation on a diverse range of IT subjects focusing on acquisition strategy, implementation activities, and Cyber Security policy and engineering.
We have an immediate opening for a Cyber Security Analyst to provide cyber security support, develop, and maintain DoDI 8510.01 compliant risk management framework (RMF) authorization packages for all assigned Logistics Integrated Information Systems-Marine Corps (LI2S-MC) systems and applications.
The Cyber Security Analyst:
- Provide Cyber Security guidance and documentation throughout the system development life cycle for Marine Corp systems and applications
- Develop and maintain detailed cybersecurity project plans for all assigned systems. Cybersecurity project plans shall identify all action items necessary to obtain and maintain, system authorization; maintain FISMA compliance and implement the systems continuous monitoring strategy; account for known system inspections, and system milestone events
- The contractor shall utilize the Marine Corps Certification and Accreditation Support Tool (MCCAST) for the authoritative authorization packages as per the references:
- Support the PM, Cyber Lead, and ISSM throughout all phases of the security authorization process
- Oversee cybersecurity testing to assess security controls and recording security control compliance status during the continuous monitoring phase of the lifecycle
- Ensure the completion of cyber related programs, projects, or tasks within estimated timeframes and budget constraints
- Provide Cyber Security guidance at meetings, briefings, and design reviews, and during system development in accordance with prevailing Cyber regulations and policies
- Ensure Cyber Security system designs that properly mitigate identified threats and vulnerabilities
- Review and approves test and evaluation activities to validate those threats and vulnerabilities are mitigated
- Perform system security reviews and Certification & Accreditation (C&A)/ Assessment and Authorization (A&A)
- Conduct A&A process for IT systems and networks in accordance with the DoD Risk Management Framework process
- Develop the Security Plan, Security Assessment Plan, Security Assessment Report, and Executive Summaries
- Assess C&A impact based on ACAS and STIG results, and identified the strength of the mitigation or remediation
- Report package status and risks weekly to senior level government leadership
Required Qualifications:
- Minimum SECRET clearance
- 5+ years of direct experience in cyber security
- Security plus certification
- BS Degree in Cyber Security/Engineering field (e.g. Computer, Electrical, Mechanical, Systems, Security)
- Experience with independently performing validator activities defined in the Navy RMF process guide and applying RMF guidance to Marine Corp or DoD A&A efforts
- Marine Corps Certification and Accreditation Support Tool (MCCAST)
- Experience with test and evaluation for allocating assigned security controls into assessment objectives and procedures, developing and executing Security Assessment Plans (SAP)
- Experience with vulnerability assessment scanning tools and reporting, intrusion detection technologies, intrusion prevention technologies
- Knowledge of DoD published Security Technical Information Guidance (STIG) requirements and implementation or compliance process
- Firm understanding of DISA CAL boundaries and experience coordinating with the PPSM team to register ports not registered within the latest DISA’s CAL boundary list
- Firm understanding of sensitive data types and cybersecurity protections associated with that data (e.g. PII, PHI, )
- Possess knowledge of current security threats, techniques, and landscape (threat vectors) as well as information systems security requirements to be implemented during system design
- Experience with business/operations solution architectures (i.e. portals, service management, networks, inventory)
- Skilled in project management and engineering technical management techniques, principles, and practices
- Proficiency in Microsoft Office applications, particularly Visio, Word, Excel, and PowerPoint
- Ability to think independently with minimal oversight, as well as demonstrate exceptional written and oral communications skills
- Exemplary customer/client management skills and techniques
Desired:
- MS Degree in Cyber Security/Engineering field (e.g. Computer, Electrical, Mechanical, Systems, Security)
- 10+ years of cyber security
- IAM/IAT III - Certified Information Systems Security Professional (CISSP) Certification or equivalent
- Experience with contingency planning, firewall policy, and ports and protocols, and service management
- Experience with Microsoft Public Azure, Azure Pack and Azure Stack and related Microsoft technologies (Hyper ‐ V, ADR, SCCM, SCOM)
- Familiarity with Marine Corp network architecture
130k - 145k
Job tags
Salary