Information Systems Security Analyst Security Clearance

Position: Information Systems Security Analyst with Security Clearance
Information Systems Security Analyst Dahlgren, VA Active Secret Clearance @Orchard is supporting a growing Federal contract with proven capabilities in cyber security. We are seeking a skilled Information Systems Security Analyst to be proposed for a new project supporting the Navy. This role will be based out of Dahlgren, VA and will be responsible for o verseeing and managing information security program implementation within organization and other areas of responsibility .

If selected, you will be asked to sign a letter of intent to join the team upon program award. As the Information Systems Security Analyst you will:
* Manages strategy, personnel, infrastructure, policy enforcement, emergency planning, security awareness, and/or other resources.
* Acquire and manage necessary resources, including leadership support, financial resources, and key security personnel, to support IT security goals, and reduce overall organizational risk.
* Advise and assist ISSM/ISSO in A&A process for command.
* Evaluate and support documentation, validation, and accreditation processes necessary to ensure that new IT systems meet NIST Special Publications Risk Management Framework (RMF) Cybersecurity requirements.
* Develop, review, and obtain Government approval of plans to assess security controls to include creating Security Assessment plan (SAP).
* Develop SAP and Rules of Engagement (ROE) for Government approval, outlining assessment scope, methodology, and resources.
* Conduct security control assessment, including activities such as Security Categorization Review, System Security Plan Analysis, and other assessments as defined in SAP; deliver comprehensive Security Assessment Report (SAR), documenting findings, vulnerabilities, and recommendations for remediation; include Vulnerability Assessment Report and Executive Briefing in report.
* Implement initial remediation actions based on SAR recommendations; deliver Issue Resolution Report and Remediation Status Report within timeline.
* Review, revise, develop, update, and maintain all RMF required artifacts associated with command's A&A program.
* Provide direct support for accreditation of systems/networks utilizing RMF process.
* Identify and recommend corrections for security deficiencies discovered during security and certification testing and continuous monitoring or identify risk acceptance for authorized representatives.
* Develop Plan of Actions (POAs) addressing outstanding security weaknesses identified in SAR, outlining remediation tasks and timelines; compile comprehensive Security Authorization Package, including SAR, POA, System Security Plan, and other relevant documents for Navy Authorizing Official review.
* Conduct comprehensive risk assessment, determining potential risks to organizational operations, assets, individuals, and organizations.
* Include Residual Risk Statement documenting remaining risks i; provide recommendation to NAO on residual risk acceptability, supported by Risk Acceptance Recommendation Report and briefing.
* Perform additional actions required to support electronic classroom deployment.
* Conduct

Functional Area

Needs Analyses and provide recommendations on Cybersecurity architecture, requirements, objectives, and policies.
* Provide research and analysis of new and emerging technologies in hardware, software, and applications and applicability to mission.
* Assess impacts of system modifications and technological advances; consult staff to gather and evaluate functional requirements, translate into technical solutions.
* Provide guidance on applicability of information systems to meet business needs.
* Guide, gather, and evaluate functional and security requirements.
* Translate requirements into guidance on applicability of information systems.
* Develop and document requirements, capabilities, and constraints for design procedures/processes; translate functional requirements into technical solutions.
* Integrate and align information security and IA policies to ensure system analyses meet security requirements.
* Specify power supply and heating, ventilation, and air conditioning (HVAC) requirements and configurations based on system performance expectations and design specifications.

Qualifications:

* Four (4) years of experience in Cybersecurity.
* Bachelor's Degree or CNSSI 4012 certificate or ADQ GA7 desired but not required. May substitute successful completion of at least one of the following military training courses for desired education: NEC 2779 or 3372 or CIN W-3B-1500 or A-4C-1340
* Requires a CompTIA Security+, Certified Authorization Professional (CAP), CompTIA Advanced Security Practitioner (CASP), or Project Management Professional (PMP) certification.
* Requires IAT Level II certification.
* Must maintain a Secret clearance / T3 investigation and be a U.S. citizen.