Principal Cyber Security Analyst-Assessment Lead

Job Description:

Essential Job Functions

• Build strong relationships with clients and internal departments to understand the IT security challenges and opportunities

• Able to work with PMs to manage small to large sized projects- managing scope, schedule, resources, risks/issues, and cost

• Support the creation of A&A management best practices, tools, and ways to drive A&A completion on schedule

• Identify key stakeholders in A&A efforts and ensure system documentation reflects current system security configurations to include hardware and software components, data flow, interconnections, and ports, protocols, and services, etc.

• Identify potential risks associated with system configurations and advise on mitigation strategies

• Lead A&A status meetings and facilitate moving systems toward a successful A&A effort

• Assist in estimating Level of Effort (LOE) involved in performing A&A activities

• Develop and implement detailed test plans and review findings from self-assessments to determine readiness for independent validation and verification (IV&V) assessment

• Assists customer program offices in interpreting and applying mitigation strategies

• Conduct IV&V assessments and analyze test results for accuracy, compliance, and adherence to Federal cybersecurity requirements

• Conduct thorough reviews of all vulnerabilities, architecture, and defense in depth strategies and report findings in a (POA&M) document

• Document residual risks and provide the cybersecurity risk analysis and mitigation determination results

• Produce risk assessment artifacts describing initial risks during system development and residual risks identified during IV&V

• Able to analyze, interpret, and apply Federal cybersecurity guidance to customer needs

• Communicate the security posture of systems through designated reporting mechanism

• Advise and mentor other team members in cybersecurity and provide initial quality assurance / peer review of RMF system packages

• Ensures continuous monitoring is in place to ensure ATO is continuously achieved into the future

• Must have excellent oral and written communication skills across all levels and the ability to write comprehensive reports and senior level documentation skills

• Strong focus on collaboration, team building, and excellent customer service skills

• Demonstrated skills running effective meetings and getting buy-in and participation from executive leaders

• Able to quickly adapt to changing environment and deadlines to provide a consistent level of service

• Effectiveness working diplomatically across teams with varying objectives

• Microsoft Office (Word, Excel, Visio, PowerPoint, MS Project), MS SharePoint

• Well-versed in FISMA, FedRAMP, NIST publications, specifically RMF and NIST & PCI controls

• Subject Matter Expert dealing with defense-in-depth, and other information security and assurance principles and associated supporting technologies

• Must demonstrate proficiency in the following areas: multi-tasking, organizational skills; critical thinking; and the ability to work quickly, efficiently and accurately in a dynamic and fluid environment

• Ability to work both independently and as a member of a team

• Experience working with Security engineering to review compliance scans

• Experience performing on-site cybersecurity assessments using Standards such as CIS Benchmarks, DISA STIGS, etc

. • Broad technical experience related to IT operations, networks, OS’s, and system administration

• Experience working in an ‘as a service‘ environment or similar managed services management structure.

Requirements/Experience:

  • Bachelor’s Degree in Computer Science, Information Systems or other related technical field
  • Degree in relevant field; Bachelors and nine 9 years or more experience; Masters and seven 7 years or more experience; PhD and four 4 years related experience.
  • CISSP certification Required
  •  Must be US Citizen
  • Top Secret Clearance Required
  • Must be able to obtain and maintain DOE Q

If you are an applicant from the United States, Guam, or Puerto Rico

DXC Technology is an Equal Opportunity/Affirmative Action employer. All qualified candidates will receive consideration for employment without regard to disability, protected veteran status, race, color, religious creed, national origin, citizenship, marital status, sex, sexual orientation/gender identity, age or genetic information. DXC’s commitment to diversity and inclusive selection practices includes ensuring qualified long-term unemployed job seekers receive equal consideration for employment. View postings below.

We participate in E-Verify. In addition to the posters already identified, DXC provides access to prospective employees for the Federal Minimum Wage Poster, Federal Polygraph Protection Act Poster as well as any state or locality specific applicant posters. To access the postings in the link below, select your state to view all applicable federal, state and locality postings. Postings are available in English, and in Spanish, where required. View postings below.

Postings link

Disability Accommodations

If you are an individual with a disability, a disabled veteran, or a wounded warrior and you are unable or limited in your ability to access or use this site as a result of your disability, you may request a reasonable accommodation by contacting us via email.

Please note: DXC will respond only to requests for accommodations due to a disability.

Job ID : 51412995

More Information

Apply for this job

Leave your thoughts

Share this job