Classified Risk Management Analyst Top Secret Clearance required.
Salary undisclosed
Apply on
Original
Simplified
Job Description
Job Description Company Description
Must have minimum active Top-Secret Clearance and be onsite in Idaho Falls Idaho.
NO EXEPTIONS.
As a member of the Classified Cybersecurity team, the Risk Management Analyst is a senior-level position responsible for supporting the following core functions within the Classified Cybersecurity Program:
- Execution and operation of the Classified Cybersecurity Vulnerability Management Program
- Conducting analysis and assessment of NIST/CNSS security control deviations, DISA Security Technical Implementation Guides (STIGs) non-compliance, vulnerability scan findings, and Cybersecurity Service Provider (CSSP) directive non-compliance, working with the classified ISSOs and ISSEs in determining risks associated with deviations/exceptions identified in those assessments, and developing associated documentation (e.g. exception requests, exception tracking, POA&Ms, etc.)
- Ensuring internal vulnerability scanning of National Security Systems (NSS) is performed IAW CSSP requirements, supporting external vulnerability scanning by the CSSP, and ensuring that applicable security patches are being deployed to address vulnerability scan findings
- Ensuring proper implementation of DISA STIGs IAW CSSP requirements
- Providing guidance to classified Information System Security Engineers (ISSEs) for solutions that support information security objectives including Security Information and Event Management (SIEM), intrusion detection, and e-discovery
- Providing risk related metrics for cybersecurity reports such as the monthly cybersecurity health report, weekly DOE-ID risk review report, CSSP monthly vulnerability status report, and others as required
- Coordinating the evaluation and risk assessment of hardware and software that will be used on classified systems
- Coordinating the collection, analysis, and presentation of computer-related evidence in response to incidents associated with classified systems (e.g. intrusion, malware, criminal, fraud, counterintelligence)
- Interfacing and collaborating with other risk assessment professionals outside of the classified cybersecurity team (e.g. unclassified cybersecurity, CSSP staff, other DOE national laboratory personnel, vendors, etc.)
- Maintaining awareness of global cybersecurity threats, how they pertain to the classified environment, and sharing that information with the classified cybersecurity team, classified system owners, and DOE oversight
Position Requirements
- US Citizen
- DOE Q or equivalent (e.g. DOD/DOJ TS) security clearance
Required Skills
- Critical thinking
- Excellent interpersonal skills; written and verbal communication, effective listening, conflict resolution
Desired Skills & Experience
- Experience in classified environments
- Familiarity with security tools such as Tenable (Nessus, Security Center), SPLUNK, SCAP Tool, STIG Viewer, Xacta
- Related certifications including CISSP, CISM, CASP, Security+
2017 Based on our past performance with the Department of Energy (DOE), UGT was selected into the Mentor Protg program to support Stanford National Accelerator Laboratory (SLAC) in California.
2013-2015 UGT secured 400% growth over this 3-year period.
2012-2017 Inc. Magazine has named UGT to its 500/5000 list of top IT service companies in the US for six straight years.
2018 UGT has been honored as a Proven Performer in the ZeroChaos Performance Excellence Program.
2013-2015 UGT secured 400% growth over this 3-year period.
2012-2017 Inc. Magazine has named UGT to its 500/5000 list of top IT service companies in the US for six straight years.
2018 UGT has been honored as a Proven Performer in the ZeroChaos Performance Excellence Program.
Company Description
2017 Based on our past performance with the Department of Energy (DOE), UGT was selected into the Mentor Protg program to support Stanford National Accelerator Laboratory (SLAC) in California.\r\n2013-2015 UGT secured 400% growth over this 3-year period.\r\n2012-2017 Inc. Magazine has named UGT to its 500/5000 list of top IT service companies in the US for six straight years.\r\n2018 UGT has been honored as a Proven Performer in the ZeroChaos Performance Excellence Program.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
Report this job Similar Jobs