TestPros is a successful and growing business, established in 1988 to provide Information Technology (IT) technical support services to a wide range of Commercial and U.S. Federal, State, and Local Government customers. Our capabilities include Program Management, Program Oversight, Process Audit, Intelligence Analysis, Cyber Security, Computer Forensics, Software Assurance, Software Testing, Test Automation, Section 508 Accessibility Assessment, Localization Testing, Independent Verification and Validation (IV&V), Quality Assurance (QA), Compliance, and Research and Development (R&D) services. TestPros is an Equal Opportunity Employer.
TestPros is looking for a driven, self starting individual willing to roll up their sleeves in a cross-functional and complex data center environment. We are seeking a Cybersecurity Analyst to support our customer with implementing and maintaining a Cybersecurity Compliance and Metrics (CCM) program. The Cybersecurity Analyst will report to the CCM Project Manager, while independently engaging in enterprise and system level cybersecurity-related analytical tasks. You will be located in Kearneysville, WV.
It is preferred that you have at least 2 years of related IT Security experience, and knowledge of IT Security assessment guidelines such as the NIST 800-53. This position requires full U.S. Citizenship and an active/recent US Government clearance.
You must have experience in Information Assurance (IA) IT Security, and the related processes and documentation.
You must also have the following background/experience and qualifications:
- Conduct reviews of NIST, OMB, DHS, DoD, FISMA policies, mandates, and vendor publications related to enterprise technologies and recommend changes to organizational policy and procedures affected by new guidance.
- Support authoritative order review, research, impact assessment, distribution, compliance determination, tracking and reporting.
- Monitor identified vulnerabilities throughout their lifecycle from discover to mitigation using ACAS, HBSS, STIG Viewer, or other industry tools.
- Facilitate the Plan of Actions and Milestones (POA&M) program to ensure customer systems have accurately and fully provided information for POA&M activities.
- Develop, implement, validate and maintain metrics and dashboards for command consumption.
- Capture, store, analyze and present Cybersecurity data for stakeholder situational awareness at appropriate command and senior management levels both local and enterprise-wide.
- Participate in the development, review, and de-confliction of customer information system security policy and standards, including writing guidelines, standards, procedures, and other technical documentation (technical roadmaps, project plans, etc.)
- Keep project management apprised of impending areas of concern, verbally and in writing
- Support the development and maintenance of system asset lists, hardware, and software baselines
- Provide detailed security-related reports including data, analyses, and conclusions upon completion of tests, scans, and assessments, including mitigation and if indicated, appropriate escalation of identified risks and vulnerabilities.
- Develop, implement, and maintain POA&M training and guidance documents for the benefit of organizational personnel.
- Convey project/task material to individuals, small, and large groups.
- Manage project scope and expectations to ensure requirements are understood, enabling swift delivery while maintaining communication with project-level stakeholders.
- Maintain and increase own knowledge of the latest security analysis techniques and technologies, advances in combating unauthorized access to information systems, and industry best practices. Assist team members with the same.
- Required Knowledge and Skills
- Experience in IT engineering/network security/information assurance experience demonstrating successful command of technical and analytical skills and abilities described above.
- 3+ years of experience independently planning and conducting the duties described for the position, including technical supervision of others on a task basis
- Experience with regulatory interpretation, risk analysis, systematic data gathering, and presentation
- Experience with MS Office, particularly MS Access, Excel, SharePoint, and Visio
- Desired: experience with the following tools: XACTA, eMASS, ACAS, HBSS, STIG Viewer
- Knowledge of risk management policies and procedures, NIST Special Publication 800-37 and 800-53 (series), DoD 8500 (series)
- Demonstrated excellent oral and written technical communication and presentation/public speaking skills
- Required Education and Certification
- Candidates required to have, or be able to obtain within 6 months from hire date, one of the following certifications in compliance with DoD 8570.01-M Information Assurance Workforce Improvement program at IAT Level III.
- Bachelors degree or higher in an Information Technology field or equivalent work experience
- Active Secret or higher Clearance
TestPros offers competitive salary, medical/dental/vision insurance, life insurance, 3 weeks of paid vacation, 2 weeks of paid holidays, education/training and professional certifications, 401(k) retirement plan with up to 4% company match, opportunities for professional growth and much more! All benefits are per TestPros current policies and are subject to change without notice. Benefits are available to full-time employees only.
For more information or to submit your resume, please "Apply Now" or email Careers@TestPros.com