
Cybersecurity Analyst Lead

By Light HQ
On-site
Wharton, New Jersey, United States






Company Overview






By Light Professional IT Services LLC readies warfighters and federal agencies with technology and systems engineered to connect, protect, and prepare individuals and teams for whatever comes next. Headquartered in McLean, VA, By Light supports defense, civilian, and commercial IT customers worldwide.









Position Overview






Full Spectrum Operations LLC (FSO) is an SDVOSB JV between American Communication Solutions LLC, an SBA VetCert verified SDVOSB, and By Light Professional IT Services LLC (By Light). FSO is looking for personnel to support the Network Enterprise Center Picatinny Arsenal New Jersey (NEC PANJ) with classified and unclassified communication systems support. Personnel will provide Site Management, Infrastructure Operation and Maintenance (O&M) – Unified Communications, Inside Plant (ISP), Customer Service Telephone, and Outside Plant (Cable) (OSP); Information Technology (IT) Systems Support – Network Maintenance, Help Desk Assistance, Voice over Internet Protocol/Voice over Secure Internet Protocol (VoIP/VoSIP), Network Engineering, and Cybersecurity; Telecommunication Support; Radio Systems Operation; Tower and Antenna Support; and Configuration Management.

 

Work is on site and core duty hours are 0700 – 1700, Monday through Friday, excluding Federal holidays. All personnel will work an 8-hour workday.









Responsibilities






  • Execute all AITP Cybersecurity related baseline services from the Army’s current AITP Services List IAW stated performance standards and current IT Metrics Program Definitions and Units of Measure.
  • Install, configure, troubleshoot, and support security devices.
  • Apply technical standards and security policy for LAN topologies and components; identify and remediate security vulnerabilities.
  • Perform vulnerability scanning of all networked devices, including scheduled scans, ad-hoc scans, and requested scans IAW NEC policy and SOP.
  • Provide touch labor or remote support in support of enterprise network devices (i.e., enterprise services, routers, remote access to include VPN).
  • Assist with development of updated system management architecture design documents describing the service level offering deployed and planned enhancements.
  • Support Cybersecurity-related service delivery, draft and maintain SOP documents for the functional category, as necessary.
  • Follow existing or newly developed/published DoD, Army, and Regional Network Enterprise Center (RNEC)/Local Network Enterprise Center (LNEC) SOP, Tactics, Techniques, and Procedures (TTPs), and other governing publications.
  • Execute and support Authorization & Accreditation efforts to include current Risk Management Framework (RMF) and Enterprise Mission Assurance Support Service (eMASS) requirements.
  • Execute/provide Cybersecurity-related support required to prepare for and execute DoD, Army, and RNEC/LNEC inspections to include Cyber Operational Readiness Assessments (CORA) (formerly CCRI) & Command CORA Site Assistance Visits.
  • Execute/provide compliance monitoring for supported customers to ensure customers meet and maintain all DoD and Army requirements to obtain and maintain network access and both General User and Elevated Privilege Active Directory accounts IAW AR 25-2 and associated Department of the Army Pamphlet (DA PAMs).
  • Assist the Government in compiling reports and analyzing data for frequently announced/unannounced physical security inspections on Intrusion Protection System (IPS) in accordance with AR 380-5 and local policies.
  • Provide planning expertise with projects pertaining to traditional security and physical security standards for secure classified processing areas.
  • Request, receive, and install system PKI certificates.
  • Maintain accountability of system PKI certificates.
  • Provide Common User network PKI Authentication technical support.
  • Provide vulnerability assessment support to include risk analysis of vulnerabilities, threats, and the impact of losing systems' capabilities on the mission objective; facilitate decisions to implement security countermeasures or mitigate risk; implement countermeasures; periodic reviews.
  • Recognize possible threats and review evaluations for compliance and non-compliance.
  • Provide updated vulnerability risk assessment based on input from U.S. CYBERCOM and coordination with other Federal/State Agencies as appropriate. Workload is performed monthly, response time and resolution as required.
  • Provide analysis and reports for known or potential vulnerability risks.
  • Assess the effectiveness of TEMPEST countermeasures based on the information gathered from the Risk assessment.
  • Provide updated vulnerability risk assessment for Common User services based on input from authoritative sources IAW all DoD and Theater published regulations and policies, and in coordination with other Federal/State Agencies as appropriate.
  • Within the scope of assigned roles, support the RMF process IAW all DoD, Army, and ARCYBER published regulations and policies which manages the lifecycle cybersecurity risk to DoD Information Technology.
  • Review of Common User Army installation activity inheritance requests and applicability of Security Controls and Control Correlation Identifiers (CCIs) for installation Common Control Provider (CCP) eMASS record inheritance.
  • Monitor and report Approval to Connect (ATC) expiration dates, ensuring authorization milestones are met IAW all DOD published regulations and policies to avoid disconnection. System Owners monitor, track, and report for their ATC.
  • Review and update required artifacts associated with the security controls.
  • Validate and document mitigations on all non-compliant security controls and assessment procedures as required to maintain approval to operate (not applicable to fully inherited controls).
  • Maintain Picatinny NEC managed electronic RMF record(s) through continuous monitoring IAW all DoD, Army, and ARCYBER published regulations and policies (system owners are responsible for maintaining their own RMF records).
  • Review Security Controls and Assessment Procedures as required.
  • Schedule and conduct compliance scans as required.
  • Manage Plan of Actions and Milestones (POA&M) items to meet FISMA requirements.
  • Provide support for Cybersecurity oversight and inspections IAW all DoD published regulations and policies.
  • Execute the installation program IAW DODI 8500.01 and 8510.01 and other appropriate DoD/Army guidance.
  • Provide Cybersecurity Subject Matter Expertise representation on the Configuration Control Board (CCB).
  • Manage Cybersecurity of Common User hardware and software changes for the installation.
  • Develop technical guidance and Courses of Action to mitigate current and future threats.
  • Operate and maintain a Defense in Depth for the network and/or enclaves within the network IAW all DOD published regulations and policies.
  • Conduct Mobile Scanning (e.g., war driving) for Unauthorized Wireless access points.
  • Execute the Information Assurance Vulnerability Management (IAVM) program for all installation and customer activities IAW all DOD published regulations and policies.
  • Perform Information Systems vulnerability scans IAW all DOD published regulations and policies.
  • Scan workload is performed weekly or more often as required; response time and resolution as required.
  • Perform compliance checks upon entry to the network.
  • Analyze event and time-based scans.
  • Report event and time-based incidents IAW all DOD published regulations and policies.
  • Perform research analysis to assess known or potential threats to all information systems.
  • Report IAVM compliance IAW applicable vulnerability management system.
  • Manage compliance reporting to ensure that IAVM messages are acknowledged, corrective action implemented, extensions requested, compliance verified, and reporting data entered in the required database/system.
  • Develop IAVM Plan of Action and Milestones (POA&M).
  • Develop Operational Impact Statements for IAVM noncompliance IAW all DoD published regulations and policies.
  • Monitor Wireless Intrusion Detection System (WIDS).
  • Analyze information systems logs for security anomalies and unauthorized activities.
  • Respond to Negligent Discharge of Classified Information incidents (NDCI) IAW all DoD published regulations and policies.
  • Report negligent discharge of classified information incident and remediation IAW all DoD published regulations and policies.
  • Provide details on information systems that may be compromised. Report NDCI within two (2) hours and resolution varies per incident.
  • Disseminate network defense and related advisories, alerts, and warning notices to all customers.
  • Compile and provide information systems vulnerability reports IAW all DOD published regulations and policies to the COR.
  • Report information systems security anomalies and unauthorized activities to the Information System Security Manager (ISSM).
  • Issue, maintain, and delete domain/network accounts and passwords.
  • Administer levels of network access per customer and per group.
  • Support after duty hour emergency maintenance requirements that include the restoral and/or other actions that cannot wait until normal duty hours.
  • Perform other duties as required.








Required Experience/Qualifications






  • Education: A Bachelor of Science (BS) degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution.
  • Experience with wireless monitoring and Wardriving.
  • Knowledge of log collection and analysis.
  • Knowledge and experience with respect to Incident Response associated with Cybersecurity related incidents or other requests.
  • Knowledge of client computer and server operating systems and hardware architectures in use by the DoD and Army.
  • Knowledge and experience communicating Cybersecurity concepts to technical and non-technical personnel.
  • Ability to develop technical documents and produce system design documentation.
  • Knowledge of Department of Defense and Army Authorization & Assessment (A&A) requirements and processes, including RMF and eMASS.
  • Knowledge and experience with Cybersecurity vulnerability assessments and mitigation including operating and administering the DoD’s and Army’s current Assured Compliance Assessment System (ACAS) for vulnerability scanning.
  • Knowledge and experience operating and administering the DoD’s and Army’s current end-point security system, Host-Based Security System (HBSS).
  • Knowledge in application, implementation, and evaluation of DISA STIGs or security controls for all supported IT systems or devices.
  • Excellent customer service skills: ability to work within the confines of a set time schedule.
  • Foundational Personnel Certification: Possess an Advanced certification identified for the DoD Cyber Workforce Framework (DCWF) workforce role Systems Security Analyst – Work Role ID: 461: Certified Cybersecurity Engineer (CCE), or Certified Information Systems Security Officer (CISSO), or CompTIA Cybersecurity Analyst (CySA+), or FITSP-Operator-NG (FITSP-O), or GIAC Cloud Security Essentials Certification (GCLD), or GIAC Cloud Security Automation (GCSA), or GIAC Security Essentials Certification (GSEC).
  • Foundational Qualification (Experience) - Possess an Advanced Proficiency level with 70% of the Knowledge, Skills, and Abilities (KSAs) associated with the DoD Cyber Workforce Framework (DCWF) – Work Role ID: 461, Systems Security Analyst.
  • Residential Qualification (Certifications) – MS Cybersecurity Architect.
  • Residential Qualification (On-the-Job) – Assured Compliance Assessment System (ACAS), Host-Based Security System (HBSS), Enterprise Mission Assurance Support Service (eMASS), Risk Management Framework (RMF).
  • Has the ability to interface with management and brief senior leadership on program status and risks (both technical and programmatic).
  • Has an in-depth understanding of Command, Control, Communications, Computers, and Information Management (C4IM) in support of the Department of Defense.








Preferred Experience/Qualifications






  • Supported the U.S. Army or other DoD Agency.
  • Has the communication skills to effectively interface with senior military officials, managers, and subordinates.








Special Requirements/Security Clearance






  • Security Clearance: Secret.