Millennium Corporation is hiring a Information Security Analyst to support a newly awarded program in Pax River, MD. Candidate must have an active Secret Clearance.
The Information Assurance Analyst supports multiple DoD and Department of the Navy (DoN) programs and projects in all aspects of the A&A process. The Information Assurance Analyst supports the programs in determining what type of A&A is required for a particular system or project. The Information Assurance Analyst prepares documentation and artifacts and perform Cybersecurity testing and analysis in support of obtaining approvals from the appropriate Authorizing Official (AO), previously known as Designated Approving Authority (DAA). The Information Assurance Analyst provides support for providing a comprehensive Risk Management Framework (RMF) Package that meets the requirements of the Department of Defense Instruction (DoDI) 8510.01 RMF for DoD IT. Cybersecurity documents required to be produced, delivered and reviewed include, but are not limited to (as applicable):
The Information Assurance Analyst monitors changes in Cybersecurity guidance and any additional documentation that is required or any updates to guidance for required procedures and documentation.
Information Assurance Vulnerability Management (IAVM) and Information Assurance Vulnerability Alert (IAVA) Tracking Support: The Information Assurance Analyst provides IAVM and IAVA tracking support process for both the RMF and PIT A&A processes, utilizing the DoD IAVM process. The Information Assurance Analyst provides and tracks Computer Security Engineering Deficiency Reports as part of IAVM. The Information Assurance Analyst prepares and submits an IAVM Plan that monitors the World Wide Web, trade papers, weblogs, Computer Emergency Response Team (CERT) Bulletins, and Original Equipment Manufacturers (OEMs) of microprocessor chips and operating systems used and contemplated for use in identified systems. Each program’s compliance reporting maybe different but he Information Assurance Analyst should be familiar with and use Navy current practices (e.g. Online Compliance Reporting System (OCRS)).