Cloud Security Control Analyst

ManTech

We have a current opening for a Mid-level Cybersecurity Analyst to perform analysis of cybersecurity packages using the Risk Management Framework (RMF) process to achieve an Authority to Operate (ATO) while supporting the Marine Corps Systems Command (MCSC) in Quantico, VA. This position works closely with government officials and senior engineers.Responsibilities include, but are not limited to: Guide cloud vision and strategy, sharing knowledge and solving complex issues. Developing strategies for cloud-based platforms. Translating business needs into long-term architecture solutions. Developing and designing solutions as needed, evaluating multiple software platforms, and integrating systems. Designing automation for cloud resources using DevSecOps best practices. Support all phases of the software development lifecycle, focusing on planning, testing, and integration. Performing feasibility analysis on potential future projects to management. Analyze IT and cloud trends, providing high-level functional systems analysis and advice. Work in an Agile environment as part of a full design and development team, participating in scrum ceremonies, interacting with and supporting our customer. Analyze and evaluate CI/CD workflows and improve the scope of existing ones. Serve as the subject matter expert for containerization and DevSecOps and provide relevant advice to team members and customers. Analyze and resolve issues in the development and production environments Resolve performance bottlenecks in the infrastructure and applicationsMinimum Qualifications: Bachelors Degree and at least 5 years of related experience to include the following (additional 4 years of experience can be substituted in lieu of degree): Must be compliant with DoD 8140 at an intermediate or advanced level. Thus, will need a CASPCE, Security, CISSP, or CISM certification. Experience with cloud-based environments and technologies. Experience and expert knowledge on NIST guidelines, FISMA, Cybersecurityprinciples and methodologies, Executive Orders (EOs), Office of Management and Budget (OMB) Memorandums, Federal, DoD and CISA Technical Reference Architectures, Maturity Models, Risk Management Framework (RMF), Cybersecurity Framework (CSF), technical knowledge of IT systems Knowledge of and experience using relevant cybersecurity and analysis toolssuch as Archer, Nessus Security Center, Splunk, etc. Experience applying an enterprise-wide set of disciplines for the planning, analysis, design and construction of information systems on an enterprise-wide basis or across a major sector of the enterprise. Experience applying reverse engineering and re-engineering disciplines to develop migration strategic and planning documents. Familiarity with agency mandated security tools such as: ACAS/Nessus, HBSS, MDE, etc.Preferred Qualifications: USMC or Navy Validator certified An analytical mind with excellent problem-solving ability. Good communication skills and have good interpersonal, organizational, and analytical skills.Clearance Requirements: DoD Secret with the ability to obtain Top SecretPhysical Requirements: This job largely operates in a professional office environment. Ability to sit for extended periods of time.

Show Full Vacancy