Blue Team Lead Analyst

Location: Alexandria, VA
Date Posted: 05-02-2018
Role: Blue Team Lead Analyst
Location: Alexandria, VA, occasional CONUS and OCONUS travel
Clearance Required: Must have Active Secret, will support up to a TS/SCI

Certifications: Certified as an IAT-III (CISSP, CASP CE, CISA, etc.) – Required within 3 months of hire. Certified as a CSSP-AU (CEH, CSA+, CISA, or GSNA) – Required within 30 days of hire.
Specific duties include:
  • Serve as the technical lead on the Security Assessment Team (Blue Team)
  • Manage, coordinate, perform and assist the Government in all facets of security auditing, assessments and with the DISA CCRI/CCROI process.
  • Manage, coordinate and assist the Government in conducting security assessments on new technologies being introduced to the client network.
  • Manage, coordinate and assist the Government in evaluating and approving all firewall rules IAW best practices, PPSM requirements, and applicable DOD policy and guidance.
  • Manage, coordinate and assist the Government in evaluating external website usage within the client as appropriate.
  • Perform technical functions as a Blue Team Analyst during assessments
Requirements:
  • Knowledge of tools such as HBSS, SCCM, ACAS (NESSUS), CMRS, and SharePoint
  • Experience performing manual and automated DoD STIG compliance auditing on multiple technologies (e.g., network devices, operating systems, and applications such as DNS, web, and database) through the use of STIGviewer, SCAP Compliance Checker, Policy Auditor, App Detective, and ACAS.
  • Experience performing vulnerability scans, checking for false positives, troubleshooting scan failures, and presenting results in context of DISA timelines and severity.
  • Ability to comprehend higher level controls such as DoD Security Requirements Guides, determine their applicability, how to check for compliance, how to remediate or mitigate in the case of noncompliance, and communicate this information verbally and in reports.
  • Ability to determine when to upgrade or downgrade the severity score of an audited system or specific finding based on special circumstances, such as combinations of findings that could be used together or external mitigating factors.
  • Deep understanding of the DISA CCRI scoring system, what it measures, and how the measurements work.
  • Must have an understanding of statistics and probability.
  • Travel expected to be 30%. Mostly CONUS, rarely OCONUS.
  • Must have a foundational understanding of statistics and probability.
  • Must have experience managing projects of similar size and scope.
  • Must be a team player, mentor and proven leader.
  • Clearance: Must have a Secret Clearance and Top Secret clearable
  • Education/Years of Experience: Bachelor's Degree and 5 years IA or cyber experience required (or additional 6 years experience to replace Bachelor's)