Job Description: Job Number: R0038920
Cybersecurity Analyst, Junior
Support the development and submission of DIACAP accreditation packages and Risk Management Framework (RMF) Assessment and Authorization (A&A) packages for a US Navy or Marine Corps clients. Assist the client with the accreditation or authorization of scientific mission applications under RMF. Assist and lead coordination with client staff to create accreditation or system authorization packages and submit them for approval using the Enterprise Mission Assurance Support Service (eMASS) or Marine Corps Certification and Accreditation Support Tool (MCCAST). Support the creation and development of key DIACAP artifacts, including C&A plans, hardware lists, software lists, network diagrams, ports, protocols and services diagrams, and contingency plans. Support the creation and development of key RMF artifacts, including the system categorization form, Security Assessment Plan (SAP), Security Assessment Report (SAR), Risk Assessment Report (RAR), and continuous monitoring strategy. Perform technical testing of client applications, systems, and networks to evaluate levels of compliance with Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs)
3+ years of experience with information assurance, Cybersecurity, Cyber policy and compliance, Cybersecurity testing and analysis, and the development and submission of C&A packages under DIACAP and authorization packages under RMF
3+ years of experience with conducting vulnerability assessments using both automated and manual tools and guidance, including STIGs and SRGs
Knowledge of DIACAP and RMF accreditation processes, eMASS, MCCAST, DoD STIGs and SRGs, and DoD and Navy and USMC Cybersecurity policies and requirements
Ability to work independently to certify and accredit DoD information systems and networks
BA or BS degree in Cybersecurity, Information Assurance, or CS or or 6+ years of experience with Cybersecurity in lieu of a Bachelor's degree
DoD Cybersecurity Work Force (CSWF) Requirements Certification, including Security+, CISSP, CASP, SSCP, CISM, or GSLC CEH
Experience with performing and reviewing vulnerability scans using the Assured Compliance Assessment Solution (ACAS)
Possession of excellent oral and written communication skills
Navy Qualified Validator (NQV) Level I, II, or III Certified, legacy Fully -Qualified Navy Validator (FQNV), or Marine Corps Qualified Validator (MCQV) preferred
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.
We're an EOE that empowers our peopleno matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran statusto fearlessly drive change.
Booz Allen Hamilton Inc.