Cyber Security Analyst 4

Job Description

Mission Technologies a division of Huntington Ingalls Industries is looking for a qualified individual to fill the role of a Cyber Security Analyst IV for the Navy Integrated Training Environment (NITE).  You will be responsible for providing cybersecurity technical support to the Navy Enterprise Training Network. Position requires flexibility to work non-standard work hours and work weeks of more than 40 hours to meet business, customer, and contractual requirements.  The candidate will perform assessments of systems and networks within the networking environment or enclave and identifies systems and networks that deviate from acceptable configurations, enclave policy, or local policy. The candidate will evaluate incident response procedures and capabilities and exploit system and network vulnerabilities and misconfigurations for purposes of gathering data from target or adversary automated information systems or networks and to enable operations and intelligence collection capabilities. The candidate will leverage computer networks to disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks themselves. Additionally, position requires flexibility as duties and responsibilities may be adjusted to meet business, customer, and contractual requirements. 100% Onsite work.

This opportunity resides with Live, Virtual, Constructive Solutions, a business group within HII’s Mission Technologies division. As a trusted partner to our military customers, we design, develop and operate systems that bring together service members from across the globe to help you train like you fight, because we understand that preparation requires full coordination—not readiness in piece parts.
 
HII is a global engineering and defense technologies provider. With a 135-year history of trusted partnerships in advancing U.S. national security, HII delivers critical capabilities ranging from the most powerful and survivable naval ships ever built, to unmanned systems, ISR and AI/ML analytics. HII leads the industry in mission-driven solutions that support and enable a networked, all-domain force. Headquartered in Virginia, HII’s skilled workforce is 44,000 strong. For more information, please visit: hii.com.
 
HII is an Equal Opportunity/Vets and Disabled Employer. U.S. Citizenship may be required for certain positions.

Essential Job Responsibilities

• Perform security testing and evaluation of servers, workstations, databases, and network fabric devices (i.e. firewalls, switches, routers, load balancers) in order to determine security vulnerabilities and weaknesses, and to create reports of security findings in support of security authorization process.
• Create customized scanning/testing configurations within testing tools to suit security configuration requirements.
• Identify the applicable NIST 800-53 security controls or policies that correspond to any finding identified via manual or automated testing, to a specific CVE, IT technologies, or any other physical or logical subject.
• Perform analysis of cybersecurity directives, policies, and instructions to include, but not limited to: Communications Task Orders (CTOs), Fragmentary/Task/Operation Orders (FRAG/TASK/OPORDs), IA Vulnerability Management (IAVM), Public Key Infrastructure (PKI) guidance, and STIG requirements.
• Ensure current security testing and evaluation software is sufficient to the task of conducting infrastructure security testing and regularly look for and recommend additional software that may fill gaps in current security testing toolset.
• Provide subject matter expertise concerning known vulnerabilities, and become knowledgeable of newly released vulnerabilities, and discuss methods of exploitation, methods of mitigation or remediation, severity of impact and other pertinent considerations of vulnerabilities.
• Perform technical reviews of A&A documentation for compliance with applicable DoD cybersecurity policies.
• Perform risk analyses and recommend mitigating controls.
• Assist with the preparation and revision of cybersecurity policy and guidance documents for specific cybersecurity related technologies.
• Provide critical written and oral analysis of security architecture documentation and vulnerability and risk assessments.
• Assist in the development of plan of actions and milestones (POA&M) and tracking of milestones within POA&Ms directly related to cybersecurity requirements.
• Coordinate with system owners to ensure the appropriate A&A artifacts are developed to support system authorization.
• Serve as security advisor to the Government in all aspects of Cybersecurity and Risk Management Framework (RMF)
• Track and report compliance status in the Vulnerability Remediation Asset Manager (VRAM) and similar reporting tools as applicable.
• Ensure current security testing and evaluation software is sufficient to the task of conducting infrastructure security testing and regularly look for and recommend additional software that may fill gaps in current security testing toolset.
• Provide subject matter expertise concerning known vulnerabilities, and become knowledgeable of newly released vulnerabilities, and discuss methods of exploitation, methods of mitigation or remediation, severity of impact and other pertinent considerations of vulnerabilities.
• Perform risk analysis/independent verification on security configuration and STIG finding risk reports / POA&Ms for devices on the network.

Minimum Qualifications

• Must be able to obtain and maintain US Top Secret security clearance.
• Current DISA ACAS Administrator Training certificate (Preferred)
• Experience using DISA ACAS Advanced knowledge of Microsoft Excel 
• Comply with the DoD Cyber IT/CSWF Program requirements of DoD 8570.1-M and SECNAV M-5239.2 at the Intermediate (IAT-II) level. 
• COMPTIA Security+ CE certification
• 9 years relevant experience with Bachelors in related field OR
• 7 years relevant experience with Masters in related field OR
• 4 years relevant experience with PhD or Juris Doctorate in related field OR
• High School Diploma or equivalent and 13 years relevant experience.

Preferred Requirements