What are the responsibilities and job description for the ATO Cybersecurity Analyst position at Unlimited Technology, Inc.?
Come join our team! At Unlimited Technology, we are committed to our company's core values of Passion, Collaboration, Innovation and Adaptability. With offices throughout the United States, we are a premier cyber and physical security specialty contractor, and we are growing at a rapid pace. We have a wide range of talented and experienced individuals that deliver cutting edge technology solutions to meet our customers’ ever-changing needs. We secure the facilities and networks of the world’s leading brands and critical infrastructure and are recognized leaders in the physical and IT security, cyber, and managed services industries. UT offers a rewarding career, great benefits, and the chance to learn and work with ground-breaking technology and premier clients.
Work with UT Government and UT Government’s supported customer base to discover and mitigate cybersecurity risks, understand and apply policies to address requests for information on cyber best practices, conduct risk assessments for specialized devices, support ATO sustainment activities, and provide information system security expertise to ensure the appropriate operational security posture is maintained for a variety of information systems.
Perform very detail-oriented system documentation and updates and collaborate closely with system owners and stakeholders. Leverage expertise to train other System Administrators in system risk management duties. Work with clients to translate security concepts into actionable, implementable solution recommendations to help the clients make informed security decisions.
Additional Duties:
- Oversees the security posture for one or more system(s) throughout the entire lifecycle; provides continuous monitoring through scheduled audits, controls testing, and audit reviews, and escalates issues as needed. Oversees the implementation of information technology (IT) security controls and security authorization documents; and ensures the system is Federal Information Security Management Act (FISMA) compliant with mandated security policies and requirements.
- Provides technical recommendations for all Risk Assessments and Vulnerability Assessments conducted for the system or site.
- Develops/updates system security plans, risk assessments, disaster recovery and contingency plans, incident response, and additional system development life-cycle (SDLC) security documentation for systems and/or applications in alignment with the SDLC.
- Provides coordination, consolidation, and submission of the Authority to Operate (ATO) security documentation for CISO approval; and tracks security assessment and authorization (SA&A) packages, reviewing authorization documents to confirm that security requirements are compliant.
- Facilitates remediation/mitigation of the POAMs to reduce risk and address weaknesses to the system.
- Provides Continuous Monitoring support/guidance by reviewing security documentation, logs, scans and ensuring system backups are performed.
- Reviews threat and vulnerability assessment findings to quantify and prioritize vulnerabilities in a system.
- Serves as IT security subject matter expert (SME)/POC for customer interactions and communications.
- Performs vulnerability assessments and provides direction on mitigation actions.
- Performs system patching and updates as needed to mitigate vulnerabilities and ensure compliance with guidelines.
- Travel to customer sites is a requirement; expected travel is up to 25%.
- 3 years of experience with supporting system Authority to Operate (ATO) processes and creating artifacts, control implementation details, and POAMs.
- Experience with National Institute of Standards and Technology (NIST) security controls, the Governance, Risk Management, and Compliance (GRC) security documentation tool, Risk Management Framework (RMF), and security compliance processes.
- Ability to facilitate meetings, analyze authorization documents and associated artifacts against authorization requirements to identify gaps, establish a schedule to address outstanding authorization requirements, and coordinate directly with system team stakeholders.
- Ability to obtain and maintain up to a Top Secret clearance based on client requirements.
- Experience with Federal Information Security Management Act (FISMA) and Federal Information System Controls Audit Manual (FISCAM) criteria.
- Cyber security and/or cloud certifications are desirable.
- Valid CISSP Certification.
- Excel and Visio skills are a plus.
- Health, dental, and vision coverage
- Life insurance
- 401(k) with company match 100% up to 3% and an additional 50% match of 2%
- Paid time off
- 11 Paid Holidays