IA Reporting and Compliance Analyst *Clearance Required*

Job ID
2017-3120
Experience (Years)
2
Security Clearance
Secret
US-VA-Alexandria

Job Description

NetCentrics is looking for an experienced Information Assurance Reporting and Compliance Analyst to support our US Coast Guard contract working at the Coast Guard base in Alexandria, VA.  This position is open only to candidates with an active or recently inactive DOD Security Clearance.  Day-to-day responsibilities include:

  • Examine datasets and use investigative techniques to determine what systems are in compliance with or deviating from the known standard
  • Filter a dataset and conduct analysis in order to provide the Customer with an explanation based on potential scenarios proposed by the Government or the Analyst
  • Analyze data contained within multiple tools (e.g. HBSS, ACAS, etc.) and determine the potential attack surface of a vulnerability based on their understanding of the exploitability of the vulnerability and active and passive defenses used by the network
  • Differentiate between risk mitigation and risk remediation, the processes for each and how to manage and track both
  • Assist with the Coast Guard’s privileged user management program, and serve as support to stakeholders in the process.
  • Generate reporting and metrics related to the organization’s privileged user management program.
  • Perform audits of privileged users and end users to ensure recurring training requirements are completed in a timely manner, and provide reports detailing metrics on compliant/noncompliant users to CGCYBER.
  • Maintain datasets related to information systems and related data used by the field.
  • Conduct threat forecasting and research vulnerabilities (e.g. Securify, DeepSight, etc.) and communicate to senior leadership the network's susceptibility to that threat
  • Understand and communicate the difference between a threat, vulnerability and a risk
  • Track and acknowledge the receipt of vulnerabilities
  • Reporting the compliance of vulnerabilities on affected assets
  • Disseminate IAVM/ISVM notices and track compliance as directed by USCYBERCOM or CGCYBER
  • Assist with the coordination of and implementation of the IA program with a specific emphasis on the reporting, tracking and compliance of KPIs
  • Analyze a large dataset to generate reports required to comply with DHS Data Feed Continuous Monitoring requirements
  • Responsible for drafting management level reports detailing vulnerabilities released, compliant, and non-compliant at minimum as well as trending information across the enterprise

Required Skills/Experience/Education

  • Minimum of 2 years Information Assurance (IA) experience required
  • Experienced with the MS Office Suite, especially analyzing large data sets with MS Excel; Must be proficient in MS Excel formulas
  • Knowledge of tools such as HBSS, SCCM, SQL and databases, and SharePoint plus
  • Knowledge of following is preferred but not required:  DISA CMRS program, web site vulnerabilities, Telos XACTA, Telos Continuum,
  • Compliance with DODI 8570 IAT Level II.  One of the following certifications required: Security+ CE, GSEC, SSCP.  If you do not have one of the following certifications, you must be able to obtain it within the first 3 months of employment.  NetCentrics provides reimbursement.
  • Compliance with DODI 8570 CND Auditor.  One of the following certifications required: CEH, CISA, GSNA.  If you do not have one of the following certifications, you must be able to obtain it within the first 3 months of employment.  NetCentrics provides reimbursement
  • This position requires an active DoD Secret Clearance or higher.

 **In order to be considered for this position, you must apply directly through our careers site**

 

 NetCentrics is an Equal Opportunity/Affirmative Action Employer.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability or protected veteran status.

 

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed