Senior Cybersecurity Systems Analyst

Performs assessment and authorization coordination. Advises and assists the customer with Risk Management Framework (RMF) and develops a Plan of Action and Milestones for resolving network deficiencies in accordance with DoD policy (DODI 8510.01) and ICD.

• The duties of this task include assessing network compliance against controls listed in NIST 800-53 and creating A&A packages. Performs assessment, compliance, and validation of IT systems to support the Cybersecurity program at USSOCOM, its Component Commands, TSOCs, and deployed forces. The Contractor shall execute a comprehensive assessment, compliance and validation of customer networks to ensure compliance with regulations and security and standards. The end goal is to ensure the integrity of customer systems by identifying and mitigating potential shortcomings and vulnerabilities.


• Advise USSOCOM, its Component Commands, TSOCs, and deployed forces on network and system risks, risk mitigation courses of action, and operational.


• The Cybersecurity Systems Analyst should be able to perform security evaluations and vulnerability assessments using the DoD Assured Compliance Assessment Solution (ACAS), Nessus vulnerability scanning tool and Security Content Automation Protocol tool. Identify applicable STIGs and perform assessments using the Security Content Automation Protocol tool. The Cybersecurity Systems Analyst will liaise with network and system administrators to correct identified deficiencies. The Cybersecurity Systems Analyst will also scan (or review scans) for new systems and applications being introduced into the SOF environment, identify issues, and draft certification letters for the government. The contractor will liaise with the Site Integration Facility (SIF) to ensure systems and applications meet the standards in the DISA Security Technical Implementation Guides (STIG).


• The Cybersecurity Systems Analyst should be knowledgeable of cyber network defense tools such as endpoint security, SIEM, comply to connect, etc.


• Typical duties include tracking A&A status of SIE governed ISs; ensuring artifacts and documentation are available in the USSOCOM-chosen automated tool.

• Experience with the US Combatant Commands (USCENTCOM/USSOCOM) is desired.


• Technical background with system administration experience, architecture and engineering preferred.


• Technical background in networking, identity management, Microsoft and Linux operating systems, database, and mobility.


• Working knowledge of the RMF.


• Knowledge of the Telos Xacta or Enterprise Mission Assurance Support Services (eMASS) system is desired.


• Must have excellent communications skill (written and oral) and interpersonal skills.


• Knowledge and experience with DoD IA processes and policies (e.g., DODI 8510.01, NIST, CNSS and other cybersecurity policies), CJCSM 65101.01, Incident Response and other IA policies.


• Active TS/SCI clearance required.

• Years Of Experience Required: 8+ yrs


• Education Required: BA/BS


• Certification Required: Current DoD 8570.01-M, IAT- Level III or IAM Level III.


• Example Certs: CISSP (or Associate), CASP+CE, CISA, CISM, CCISO, GCED, GCIH, CCSP, or GSLC

Physical Requirements: May include lifting of weight up to forty (20) pounds as necessary.

Work Environment: Can involve inside or outside work depending on the task. An inside environment may be a cubicle (considerations: close quarters, low to moderate noise, bright or dim lighting). Outside work may include various environmental conditions including warm and cold climates. Needs to be able to work well with co-workers and all levels of management. No hazards on job or unusual environmental conditions.

Equipment and Machines: Ability to operate office equipment such as a personal computer, printer, copy machine, telephone, fax machine and other equipment including desk supplies and other work-related tools as required. Possess heavy and light equipment licenses, or the ability to obtain the necessary licenses.

Attendance: Normal hours are Monday - Thursday between 6:00am to 4:00pm during flex weeks, 6:00am to 3:00pm on non-flex weeks. Punctuality and regular attendance are necessary to meet deadlines. Must exhibit flexibility of work hours to adjust to surge situations based on critical mission requirements. With the exception of STD/LTD/FMLA & approved time off, attendance is considered essential.

Other Essential Functions: Must demonstrate professional behavior at all times when dealing with customers, management, and co-workers. Must have clear, concise and accurate communications skills in English, both verbal and written. Grooming and dress must be appropriate for the position and must not impose a safety risk to employees or others. Must maintain a positive work atmosphere by behaving and communicating in a professional manner.

Independent personal transportation to office or work site is required. Travel (up to 10%) to and from customer locations and test locations (government and vendor) may be required to support projects. This may involve airline travel. In some cases, accommodations can possibly be made for POV, if necessary. When operating any vehicle for work purposes, must wear seat belt and in addition, no cellular devices are to be used when vehicle is in motion.