Cybersecurity Analyst for Amyx, Inc. in San Antonio, Texas (salary not disclosed)
March 29, 2021
The Cybersecurity Analyst will support efforts to determine the overall effectiveness of the controls, based on criteria from NIST 800-53 and CNSSI 1253 security controls. Supports customer’s Risk Management Framework (RMF) Security Assessment and Authorization (A&A) process through the validation of security configurations to ensure compliance with customer’s Cybersecurity policies, requirements, and directives.
Responsibilities and Daily Tasks:
- Conduct independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system.
- Ensure compliance with Security Technical Implementation Guidance (STIG), Security Requirements Guides (SRGs), Security Benchmarks and checklists provided by customer’s Security compliance requirements.
- Leverage automated testing tools and manual test methodologies to identify system vulnerabilities, noncompliance and mitigation strategies. Excellent technical and administrative writing and grammar skills.
- Work independently, delivering accurate documentation, and meet stringent deadlines.
- Demonstrate editing, proofreading, documenting skills and clearly brief results of analysis from the IS under RMF.
- Microsoft Office Products
Required Skills and Qualifications:
- Secret Clearance REQUIRED
- 5+ years of experience with RMF Security Control implementation and validation.
- 5+ years in an Information System Security Officer (ISSM) position.
- 5+ years of experience with performing technical security assessment using tools, such as Retina, Nessus, or Assured Compliance Assessment Solution (ACAS). Use scan results to identify required patches, Security Content Automation Protocol (SCAP) configurations. Database and Web vulnerabilities. Possess skills in security control reviews, and system configuration checks in support of FIMSA
- 5+ years of experience in working with DoD government agencies to implement the NIST RMF process.
- Experience with performing manual testing methods and procedures employing manual STIGs configurations, SRGs testing, and security checklists
- Minimum DoD 8140 IAM level I: one of the following certifications: CAP, CND, Cloud+. GSLC, Security+ CE
- IAT Certification level II; one of the following certifications: CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP
For more info. go to: http://go.tagvault.org/xSJ87q