Cyber Analyst

Cyber Analyst

US-AL-Huntsville

OSS is a Service Disabled Veteran Owned Small Business headquartered in Huntsville, AL. We are focused on “Making a Difference” in the lives of our Department of Defense Customers, Communities and Employees. Our greatest strength is our people. We expect competence and character and look for uniquely skilled and passionate individuals bound by a collective vision to bring their best to our mission. OSS believes in taking great care of our employees, evidenced by our exemplary benefits package: OSS covers 75% of the monthly insurance cost towards employee Health Insurance, we offer multiple Principal product options, and we have a fantastic 401k plan match with eligibility starting on first payroll. If you are interested in an opportunity to join a great mission, supporting awesome customers with a growing company, please reach out to us to learn more!

Offset Strategic Services is looking to provide professional and relevant engineering and technical support to the Uncrewed Aircraft Systems (UAS) Project Office at Redstone Arsenal, AL and across the Globe. We are seeking a Cyber Analyst professional to serve as an Information Systems Security Officer (ISSO) supporting the UAS Project Office.

The ideal candidate will have a strong background in the DoD Risk Management Framework processes and associated activities, system package management using eMASS, STIG checklist management, and IAVM management. Experience in IT, systems administration, digital engineering, and/or configuration management is preferred.

This position is located in Huntsville, AL at Redstone Arsenal.

Responsibilities:

• Manage UAS systems leveraging the DoD RMF process, resulting in ATOs.
• Transition UAS systems to RMF 2.0 and continuous monitoring.
• Ensure STIG and IAVM compliance and perform assessments.
• Integrate Cybersecurity best practices and recommend toolchains for the DevSecOps process.
• Ensure risk, compliance, and assurance efforts conform to DoD security, resilience, and dependability requirements at the software application, system, and network levels.
• Document preliminary or residual security risks for system operation & manage and approve Authorization Packages. Verify that the software application/network/ system authorization and assurance documentation is current.
• Monitor and evaluate a system's compliance with DoD security, resilience, and dependability requirements including performing validation steps, comparing actual results with expected results and analyze the differences to identify impact and risks.
• Provide an accurate technical evaluation of the software application, system, or network, documenting the security posture, capabilities, and vulnerabilities against applicable NIST controls.
• Recommend new or revised security measures and countermeasures based on risk analysis then verify that security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations.
• Candidates must comply with the experience, training, and certification requirements IAW DoD 8570.01 IAT level II or IAM level III.
• Candidate must adapt quickly and continue learning a wide variety of technologies.
• Other duties as assigned.

Qualifications

• Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity, or Information Systems preferred.
• 5 years of DoD related cybersecurity experience required.
• Must have prior ISSO or ISSM experience.
• RMF process experience required. Requiring a subject matter expert in all areas of RMF, to include developing and maintaining ATOs.
• Foundational understanding of cybersecurity with the ability to develop and maintain a Risk Management Framework (RMF) authorization package.
• Competency with Cybersecurity assessment tools (ACAS, Nessus, SCC, STIG Viewer).
• Candidate must be a self-starter, be detail-oriented, have strong written and verbal communication skills and work well with others.
• Candidate must demonstrate technical proficiency in vulnerability assessment and project management.
• Experience in Information Technology, such as server/workstation administration, networks, and system configuration.
• Knowledge of Red Hat Enterprise Linux and Windows Operating Systems.
• Experience with Linux and other open-source operating systems as well as various Microsoft environments is desired.
• Security Certification required.
• CISSP Certification preferred.
• Active DoD Secret clearance. Must be able to maintain the clearance required for this position.
• U.S. citizenship is required.

Offset Strategic Services, Inc. is an Equal Opportunity Employer. We are committed to maintaining a workplace free from discrimination and harassment of any kind. All qualified applicants will receive consideration for employment based on merit and qualifications, without regard to race, color, age, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other characteristic protected by applicable federal, state, or local laws.

This policy applies to all aspects of employment, including recruitment, hiring, placement, promotion, termination, layoff, recall, transfer, and compensation. We prioritize fair treatment, respect, and equal access to opportunities for all employees and applicants.

If you require a reasonable accommodation during the application or hiring process, please contact us through the links provided on our website.

OSS is a drug-free workplace. The unlawful manufacture, distribution, dispensing, possession, or use of a controlled substance is prohibited. All candidates who receive conditional offers of employment are subject to drug testing.

Thank you for your interest in working with OSS.

Experience

• Security Certification is Required
• Must Have Prior ISSO or ISSM Experience
• US Citizenship Required - DoD Clearance Required
• Active DoD Secret clearance
• Familiarity with the DoD Information Assurance/Cybersecurity requirements and certification processes; GCIA, CSA, and Cyber Resiliency; understanding of or having some working knowledge of Cross Domain Solutions.
• Knowledge or practical experience of RMF and ability to apply the NIST controls and policies and STIGs to the system design and implementation.
• 5 year(s): Relevant Work Experience

• Preferred certifications: CISSP
• Program Management Office experience preferred.

Education

• Bachelors or better in Computer Science or related field

Skills

• CISSP
• Security

Behaviors

• Functional Expert: Considered a thought leader on a subject
• Detail Oriented: Capable of carrying out a given task with all details necessary to get the task done well
• Team Player: Works well as a member of a group

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)