Cybersecurity Analyst

Unissant, Inc. is an innovative solutions development and consulting company committed to delivering simplicity through innovation. We meet this commitment by delivering state-of-the-art enterprise computing and processing solutions to both government and commercial clients. Our workforce continually strives to advance (y)our collective intellect through collaborative fortitude, and we are looking for further talent to join that effort! To learn more about our exciting organization, please visit us at

We are seeking a Defense Health Agency (DHA) Cybersecurity Analyst to join the Pharmacy Operations Support Contract (POSC) team. This position shall support the Pharmacy Operations Division (POD) Information System Security Manager (ISSM) in cybersecurity matters by providing analytic and technical advice to support DoD Cybersecurity policies and activities.

This is a 100% Remote Position.

Essential Duties and Responsibilities

• Assist the ISSM with development, review, and management of cybersecurity documentation, such as, system authorization plans, categorization memos, plan of action and milestones (POA&M), hardware and software lists, and boundary diagrams.
• Work with vendors to ensure compliance requirements are met by achieving Authorization to Operate (ATO) for all packages
• Assist the ISSM in ensuring compliance with 8582.01 controls to make certain systems, remains in a secure state throughout the system lifecycle
• Assist the ISSM in confirming the validity of hardware and software lists, architecture diagram and resolution of findings through remediation/mitigation statements
• Work with the ISSM to assess configuration changes to determine overall impact to the security posture of the system
• Work with ISSM to analyze system administrator generated vulnerability scans from various tools, such as, ACAS, HBSS, SCAP, Nessus, and review Security Technical Implementation Guides (STIGS) and checklists to provide vulnerability assessments at the system level.
• Utilize reporting tools, such as, Enterprise Mission Assurance Support Services (eMass) and Continuous Monitoring and Risk Scoring (CMRS) for the documentation and evidence of assessment results for each system
• Organize meetings, including appropriate meeting materials, and record minutes for meetings as required.
• Monitor, schedule, and assist with action items as required.
• Using principal of least privilege, restrict user access to specific data and transactions via role-based permissions based upon duties and need-to-know. Apply a two-step authentication requirement, such that all users must be verified via Public Key Infrastructure rules (using CAC card certificates), and subsequently a unique user ID and password.
• Ensure that DHA Pharmacy Information Technology (IT) systems and information networks are accredited according to DoD I 8510.01 Risk Management Framework (RMF), DoD I 8500.01 Cybersecurity, CNSSI No. 1253 and comply with annual Federal Information Security Management Act (FISMA) security control testing.

Work Experience

• Eight or more years cybersecurity experience required
• Experience assessing new security laws, policies, and standard in the federal government

Job Skills

• Possess technical knowledge of National Institute of Standards and Technology (NIST), Risk Management Framework (RMF), Federal Risk and Authorization Management Program (FedRAMP) with a solid understanding of cloud deployment, security policy requirements and assessments, and service models as defined by the NIST.
• Understanding of IP networking, networking protocols and security related technologies including encryption, IPsec, PKI, VPN, firewalls, proxy services, DNS, electronic mail and access-lists.
• Possess depth knowledge of security hardening, assessment and reporting tools (e.g. HBSS, ACAS, SCAP, etc.) with the ability to assess and provide appropriate feedback for external audits and remediation plans.

Education

• Bachelor's Degree in the relevant field or 8 years' working experience in the relevant field desired

Certificate, License, and/or Registrations

• CompTIA Security+ required
• DoD-approved Cybersecurity workforce certification Information Assurance Technical (IAT) Level III per DoD 8570.01-M (e.g. CISSP, CISA, CASP CE) required
• This position requires the candidates to be United States citizen capable of obtaining an IT-2 position of Public Trust

Communication Skills:

• Excellent verbal and writing skills
• Demonstrated experience communicating effectively across internal and external organizations.
• Enthusiastic, proactive, positive attitude with good listening skills and high integrity

Travel:

• N/A

Environmental Requirements:

• Remote work in a private and suitable location
• Private high efficiency home internet access is required
• Private high efficiency home phone or mobile phone service is required
• Highly recommend access to Adobe, card reader, and a scanner
• Standard Monday through Friday day schedule, with some extended hours at times

The above statements are intended to describe the general nature and level of work being performed by the individual(s) assigned to this position. They are not intended to be an exhaustive list of all duties, responsibilities, and skills required. Unissant management reserves the right to modify, add, or remove duties and to assign other duties as necessary. In addition, where applicable and available, reasonable accommodation(s) may be made to enable individuals with disabilities to perform essential functions of this position.

Please note: Candidate(s) will be required to go through pre-employment screening.

Unissant, Inc. is a proud Equal Opportunity Employer! (EOE; M/F/Disability/Vets)