Cybersecurity AnalystJob Locations

　　US-CO-Denver

　　ID2024-18143

　　CategoryCyber Security

　　Security Clearance RequirementSecret

　　TypeRegular Full-TimeOverview

　　Systems Planning and Analysis, Inc. (SPA) delivers high-impact,technical solutions to complex national security issues. With over 50 years ofbusiness expertise and consistent growth, we are known for continuousinnovation for our government customers, in both the US and abroad. Ourexceptionally talented team is highly collaborative in spirit and practice,producing Results that Matter. Come work with the best! We offeropportunity, unique challenges, and clear-sighted commitment to themission. SPA: Objective. Responsive. Trusted.Position OverviewThis is an exciting opportunity to support the United States Space Force(USSF). The Air Force (AF) Program Executive Officer for Space(AFPEO/SP) at the Space Systems Command (SSC) has the collective SFmission responsibility for the development, deployment, maintenance andsustainment of SF space systems providing early missile warning capability;environmental sensing; precision navigation, guidance and timing;nuclear event detection; space launch capability; national and militarysatellite communications capabilities; launch range and network systems;advanced systems; and technology development programs. This position willwork in close collaboration with the Information Systems Security Manager(ISSM) and Information Systems Owner (ISO) to ensure security postureis met and maintained, develops security policies, procedures, plans,and all other evidence of compliance with various security controls. Createsand maintains RMF documentation to include Enterprise Mission AssuranceSupport Service (eMASS) and Information Technology Investment PortfolioSuite (ITIPS) database entries with System Security Plans (SSP),Security Assessment Reports (SAR), Plans of Action & Milestones(POA&M), all other artifacts and documentation tied to the NISTprocesses. Provide support to maintain a strong cybersecurity posture for thes

　　Responsibilities

　　Position DescriptionBuild, maintain, and track system's cybersecurity baselines via eMASS orequivalent, IAW cybersecurity policies, guidance and plans;Review, assess, create, and update enclave documentation in eMASS andany Configuration Management (CM) system for the ISSM review and approvalsuch as Security Plan, Security Assessment Plan, Category selectionchecklist, control results, and POA&Ms;Identify, collect, review, and maintain RMF required artifacts IAWcybersecurity policies, guidance, and plans;Ensure accurate system documentation and configuration logs are maintained toreflect current and prior configuration baselines;Provide written evaluations portraying system progress on RMF compliance IAWcybersecurity guidance (one evaluation for each system per quarter);Maintain cybersecurity data for systems registered in the ITIPS IAW FISMArequirements;Conduct and/or report annual FISMA security reviews, contingency testcompletion dates, and validation of cybersecurity control compliance, IAWcybersecurity guidance, the organizational cybersecurity strategy, and POA&M;Conduct annual control validations (ACVs) for all NC3 systems IAW AFGlobal Strike Command (AFGSC) cybersecurity guidance and for all non-NC3systems in a similar manner, but in accordance with SMC/ECP policies andscheduCreate and maintain mission common control packages and serve as the commoncontrol provider for each mission systems;Create and maintain Authority-to-Connect (ATC) guest system packages ineMASS for non-USSF systems connected to SMC/ECP systems;Ensure the required Cybersecurity functional activities and actions during thesystems' O&S phase are conducted IAW Cybersecurity related laws andregulations such as the National Cybersecurity Protection Act, FISMA, OMBA1-30 mandate, and EO 13636 Improving Cri ical Infrastructure Cybersecurityand Resilience including policies, standards, special publications,instructions and guidance from the DoD, Military, NIST, CNSS, DefenseInformation Systems Agency (DISA), and Department of the AF (DAF);Participate in the system's IPTs and sustainment contractormeetings/teleconferences, change control boards (CCBs), and workinggroups (WGs) to ensure the continued alignment of cybersecurityrequirements in the technical baselines, the system security architecture,information flows, design, and the security controls;Evaluate system's sources of changes such as Deficiency Reports (DRs),Problem Reports (PRs), Change Requests/Proposals (CRs/CPs),Request For Change (RFC), and AF Form 1067s; determine the securityimpacts of proposed or actual changes to the system, environment,threats, and vulnerabilities; and if any, update all needed RMFartifacts to reReview and provide inputs to modification packages, program/systemdocuments and support agreements updates, and communications and networkinfrastructure upgrades to ensure proper cybersecurity configurationmodification management and planning support are implemented;Review system's test plans and test results and if necessary observe systemtesting for security control implementation IAW... For full info follow