General Summary:

　　COLSA Corporation is seeking a Risk Management Framework (RMF) Cyber Analyst to serve as an Information Systems Security Officer (ISSO) in support of a US Army contract. The selected candidate will support system records for Authorization to Operate (ATO) approval on multiple Information Systems, including Enclaves and Major Applications. Additional support will be provided for system monitoring and analysis of detected cyber incidents and provide corrective action recommendations.

　　Principal Duties and Responsibilities (*Essential Functions):

　　The ISSO/RMF Cyber Analyst will be responsible for the authorization and compliance management of accredited computing systems. Additional duties include but are not limited to:

　　Directly responsible for analyzing and implementing Cybersecurity (IA) requirements into RMF A&A packages that meet DoD and Army accreditation standards.

　　Develop and implement a Security-Focused Configuration Management Plan that includes, assisting the Information System Owner in completing Continuous Monitoring responsibilities.

　　Implement, assess and monitor security controls in eMASS and conduct risk assessments to include:

　　Configuration change security impact analysis.

　　Vulnerability audits and security configuration checks.

　　Ensure the implementation of vendor supplied security software packages, performance of diagnostics for security problems, and assist with the identification/mitigation of security risks.

　　Monitor DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRG) by using STIG Viewer and Security Content Automation Protocol (SCAP) tools.

　　Complete analysis from monitoring tools such as Tenable Nessus ACAS, HBSS, Splunk, and other IA-specific software.

　　Create Cyber Security training materials and mentor team members when applicable.

　　Continuously monitor and update artifacts in eMASS such as System Security Plan (SSP), IS Security Architecture, Hardware/Software list, POA&Ms and RMF Assess Only IT.

　　Perform the activities necessary to obtain security accreditation of solutions/applications as it relates to system administration.

　　Prepare and deliver the technical data needed for the submissions of accreditation packages in support of RMF.

　　· Provide data and information and make recommendations regarding the overall system security as it relates to system administration and system architecture.

　　Work with the security team and System Administrators to identify, fix, and provide information regarding resolving vulnerabilities, and computer incidents.

　　· Identify where systems/networks deviate from acceptable configurations, enclave policy, or loca l policy.

　　· Provide compliance recommendations for networks, workstations, servers, and IT assets.

　　At COLSA, people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our “Family of Professionals!” Learn about our employee-centric culture and benefits here (https://www.colsa.com/culture_benefits/) .

　　Required SkillsRequired Experience

　　Required Qualifications

　　·Bachelor’s Degree in related field, or equivalent experience.

　　Minimum of 7 years of work related experience.

　　·CompTIA Security+ CE.

　　Ability to obtain/maintain a DoD secret clearance required; US Citizenship required.

　　Solid understanding and experience with Risk Management Framework (RMF).

　　Solid understanding of creating Assessment & Authorization (A&A) accreditation packages.

　　Very knowledgeable of Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRG).

　　Strong written and verbal American English communication skills.

　　· In-depth knowledge of Federal and DoD Guidance: DoDI 8500.01, DoDI 8510.01, CNSSP, NIST Special Publications, ICD 503, JSIG, FedRAMP, FISMA, AR 25-2 with associated 25-2 pamphlets, and ATP 6-02.71

　　Experience working with the security team and system administrators to identify, fix, and provide information regarding resolving vulnerabilities and computer incidents.

　　Proven track record of success in securing IT systems.

　　Preferred Qualifications

　　Working experience within eMASS

　　Previous experience in DoD Cybersecurity/IA

　　Working knowledge of US Army AR 25-5 and other regulations

　　Familiarity with Cyber tools - ACAS, HBSS, Fortify

　　Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. COLSA Corporation is an Equal Opportunity Employer, Minorities/Females/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.