Cybersecurity Specialist

The GWS Cybersecurity Analyst is responsible for ensuring GWS fleet and land-based configurations are assessed and authorized with respect to Department of Defense (DOD) Cybersecurity policies.

• Manage approvals in accordance with the Risk Management Framework process.
• Research the system architectures; develop cybersecurity documentation per the prescribed templates; document compliance or non-compliance with cybersecurity requirements; assess the risk of deficiencies; develop plans of action and milestones for corrective measures; and make recommendations to the authorizing authorities.
• Perform security assessments using DoD provided tools; report results to the cybersecurity system engineer; and develop strategies to mitigate discrepancies.
• Perform detailed package reviews by following the appropriate RMF Checklist/SOP prior to package submission.
• Support Use Case and Administrative Change Requests throughout the system lifecycle.
• Track system updates and ensure Cybersecurity assessments and vulnerability scans are performed on schedule.
• Develop RMF package submission schedules, track progress, and communicate status to leadership.
• Coordinate with cybersecurity system engineers, system administrators, network engineers, and Validators to perform security testing (cybersecurity requirements, security control assessment procedures, STIG assessments, and vulnerability assessment scans).
• Develop and maintain standard operating procedures to ensure consistency and repeatability of RMF package submissions.
• Ensures, where possible, that an automated approach is implemented.
• Supports an agile and iterative approach to development, test, build, and release.
• Ensure the rigorous application of cybersecurity policies, principles, and practices in the delivery of systems.
• Closely support and interact with the cybersecurity system engineers, system administrators, network engineers, system engineers, and system developers.

• DoDM 8140.03 certified, (any IAT level 2 certification will meet requirement)
• Eight plus (8+) years of professional experience as a Cybersecurity Specialist with a specialization in cross domain solution implementation.
• Experience to include computer networking concepts and protocols, and network security methodologies experience.
• Knowledge of conducting application vulnerability scans using Assured Compliance Assessment Solution (ACAS) tools, revising artifacts, applying Security Technical Implementation Guides (STIGs), and is proficient with eMASS/eMASSter.
• Must have general understanding of Defense Information System Agency (DISA) Security Technical Implementation Guides (STIGs) by applying system scans and addressing security events to determine impact and implementing corrective actions; and/or ensuring the rigorous application of information security / information assurance policies, principles, and practices in the delivery of all IT services.
• Knowledge and experience in gun weapon systems is a plus
• Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth & concept of zero trust).
• Experience working with Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.
• Experience working with network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
• Knowledge of system administration, network, and operating system hardening techniques.
• Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems.
• Experience utilizing Microsoft Visio for creating network boundary diagrams

• Must be able to lift up to 25 pounds.
• Must be able to stand and walk for prolonged amounts of time.
• Must be able to twist, bend and squat periodically.

#LI-BG1