at SMX in Augusta, Maine, United States
Job Description
Information Security Analyst (2472)at SMX (https://www.smxtech.com/careers/)
United States
SMX is looking for a Journeyman Information Security Analyst to support our Navy customer. The successful candidate will posses and innate understanding of Cyber Security principles and the Risk Management Framework (RMF) and be a leader in their field, marked by having a Navy Qualified Validator certification. This role is 100% remote.
As the Information Security Analyst, you will:
+ Perform Navy Qualified Validator (NQV) functions, successfully executing the requirements of the Risk Management Framework (RMF) as an independent assessor of various cyber security compliance packages
+ Serve as a Subject Matter Expert (SME) on a Naval Air Systems Command (NAVAIR) RMF Team consulting with various members of the program office to assess and document security compliance that results in Authority to Operate (ATOs) being granted
+ Provide RMF support and development of all RMF deliverables including work associated to the ISSE/ISSO: Policy documentation, System Categorization, Control Selection/Tailoring, Hardware-Software-Information Flow tables, Architecture diagrams, System Level Continuous Monitoring Strategy (SLCM) plans, Security Control Implementation plans and Test Results, Plan of Actions and Milestones (POA&Ms), and Navy RMF SOP execution
+ Design Security Assessment Plans (SAP) and conduct vulnerability assessments utilizing Assured Compliance Assessment Solution (ACAS), automated Security Content Automation Protocol (SCAP) scans, and manual DISA Security Technical Implementation Guides (STIG) reviews to be collated as output into an actionable POA&M both with and without the use of eMASSter and/or Evaluate-STIG
+ Consult with System Administrators/Engineers to conduct remediation and validation operations
+ Manage RMF packages utilizing eMASS to document, submit, and track ATO status
Required Skills and Experience:
+ Clearance Required: Secret
+ Bachelor’s Degree in a Technical Discipline.
+ An Associates Degree plus four (4) additional years of relevant experience may be substituted for a Bachelor’s Degree.
+ No degree and six (6) additional years of relevant experience may be substituted for a Bachelor’s Degree.
+ 3+ years of experience
+ Minimum IAT Level III/IAM Level II (i.e., CISSP)
+ Minimum Navy Qualified Validator obtainable
+ In-depth understanding of computer security, military system specifications, and DoD Information Assurance policies
+ Experience with DISA Security Technical Implementation Guides (STIG), Assured Compliance Assessment Solution (ACAS), and Security Content Automation Protocol (SCAP)
+ Experience with Enterprise Mission Assurance Support Service (eMASS), Evaluate-STIG, and eMASSter
+ Strong ability to communicate clearly and succinctly in written and oral presentations
\#cjpost #LI-REMOTE #LI-NF1
Our tradition of delivering innovative, technical solutions dates back to 1995, however, you may know us better by one of our legacy company names: Trident Technologies, Smartronix, Datastrong or C2S Consulting Group. With the support of OceanSound Partners, our private equity investment sponsor, we began operating as one business starting in 2019 and became SMX in 2021. We operate in close proximity to our clients around the globe and have core locations in Alabama, California, DC Metro, Florida, Hawaii, Maryland, and Massachusetts.
Today, as SMX, we are one team and together empower government and commercial enterprises to become more effective, innovative, and resilient, no matter what challenges they face.
SMX is committed to hiring and retaining a diverse workforce. All qualified candidates will receive consideration for employment without regard to disability status, protected veteran status, race, color, age, religion, national origin, citizenship, marital status, sex, sexual orientation, gender identity or expression, pregnancy or genetic information. SMX is an Equal Opportunity/Affirmative Action employer including disability and veterans.
Selected applicant will be subject to a background investigation.
