ProSolis a dynamic small business providing high-quality professional services to the federal government. We specialize in the critical areas of intelligence operations and analysis, IT support, contact center support and program/ project management. Our mission is to create value for our customers before, during and after service delivery while maintaining the highest moral code. As a result, we have quickly built a reputation for service excellence, integrity and speed.
ProSolis seeking ahighly qualified professional to fill aSME - Information Security Analystposition in support of the Program Executive Office Enterprise Information Systems (PEO-EIS) Product Lead Logistics Information Systems (PL-LIS.
The candidate must have the ability to operate effectively under pressure adhering to the ProSol Core Values ofAgility: rapid adaptation to the changing requirements and environment of our clients;Excellence: Service quality that exceeds the expectations of our clients;Integrity: Accountability and honestyalways doing the right thing; andLong TermCommitment: Unquestioned loyalty and dedication to our clients, partners and employees.
Perform, analyze, report sec scans/ manual checks for systems and lab environments.
Perform Hard/Software IV&V. Report discrepancies.
Identify, analyze, report security config.
Validate/post Security Assessment Plan.
Validate SSP Analysis for supported systems.
Perform IV&V for systems under test & ensure fully compliant with current IAVM status.
Analyze IAVA for applicability, notify Sys Mgrs. Analyze OS/3rd party soft vendor's critical secnotifs& patches not yet IAVAs forimpldecisions.
Support Government Cybersecurity A&A, and Connectivity or Interconnectivity activities.
Provide A&A doc to DoD. Report IAVAs, STIGs and Bulletins within POA&M.
Provide comprehensive, up to date software scanning and remediation every month. ProvideGovwith Scan Reports.
Eval/notify IAM of IAVAs identified by ARCYBER OPORT within 14 days.
Monitor updatereqsincluding vendor sites, mailing lists, third party sources, vulnerability scans and (NETCOM) SharePoint site for IAVA messages.
Make mitigation, patching, upgrade, modification recommendations & provide a POA&M for requirements not fulfilled on time.
Provide digital copy to Gov.
Provide comprehensive, updated software scan using current Army Best Practices for scanning/remediation every month.
Implement STIGs within 30 days from release. Where an update cannot be technically applied, doc in POAM w/ mitigations. If an update cannot be applied within 30 days, provide milestone schedule in POAM forGovapproval
Create, post, maintain IAVA Status metrics
Analyze, verify, compile, collate data IAVA status/compliance.
Init, prep, sub, track Compliance Ext or Waiver Request
Track, manage RMF efforts
Input/maintain system authorization data in DB of record.
Create, rev,updt,mngPOA&M w/ content from SysMgrs
Validate SSPs ensuring plans up to RMF standards.
Bachelor's degree in Information Technology AND 7 years' experience in Risk Management Framework processes.
Contractor personnel shall possess or be eligible to obtain Army 8570 Baseline Certification IAT-II AND IT-II Personnel Security Standard. Must provide proof of current DoD 8570.01M
IAT-II Baseline Certification as part of proposal. Secret Security Clearance is required for this position.
ProSolis an equal opportunity employer, all interested qualified applicants are encouraged to apply, EEO/D/M/V/F. ProSol welcomes and encourages diversity in the workforce.
All your information will be kept confidential according to EEO guidelines.