DoD Skillbridge - Cyber Security Analyst

Salary Range: $70,000 - $110,000
York Space Systems was founded to radically improve spacecraft affordability and reliability, transforming, and enabling next generation space mission operations worldwide. Today, it is one of the most innovative aerospace companies, specializing in both end-to-end customer solutions and the rapid production of spacecraft platforms. York’s complete Space Segment Solution including spacecraft production, payload integration, system integration & test, launch services, ground segment services, and mission operations enables customers to leverage York’s existing technology solutions to get rapidly and responsively to orbit. We’re looking to expand our team across the board.
York Space Systems is seeking a Cyber Security Analyst whose responsibilities include ensuring compliance with government security requirements pertaining to computer systems processing classified information across the company. The selected candidate will support multiple RMF accreditation efforts and will perform tasks that include hardware/software configuration management (to include baseline configuration), risk assessments/vulnerability assessments, testing and documenting security controls, and ensuring overall compliance with cybersecurity policies. 
Through DoD SkillBridge, York Space Systems provides internships to service members transitioning to the civilian workforce. These internships include up to six months of on-the-job training for eligible service members. During this time, participants gain valuable work experience in the civilian sector and build professional networks as they prepare for their transition to full-time civilian work.
Responsibilities:

• Travel 10%
• Able to support a 24/7 environment
• Support the development and implementation of Risk Management Framework (RMF) / Assessment and Authorization (A&A) processes, providing technical inputs as needed for both ground and space assets
• Ensure that selected security controls are implemented and operating as intended during all phases of the Information System (IS) lifecycle and RMF process
• Lead and assist self and site administrators to deploy and configure collection services and tools
• Collaborate with Systems Engineering and design review stakeholders to integrate cyber requirements into space assets throughout production and operation phases
• Collaborate with ISSOs to continuously evaluate system security posture and maintain security baseline in accordance with system accreditation
• Maintain system boundary security configurations to include patch management, vulnerability remediation, implementing STIGs, and any additional system security configurations as needed
• Assist the ISSM/ISSO in conducting cybersecurity controls assessments in accordance with applicable regulatory guidance and contractual requirements
• Perform control validation and remediation validation of network servers, routers, and switches to ensure they comply with security policy, procedures, and technical requirements
• Establish secured host baseline (SHB) image to be applied to multiple operating systems and DISA STIGs
• Perform vulnerability testing using system test tools (i.e., ACAS/Nessus, Security Content Automation Protocol (SCAP), and/or Security Technical Implementation Guides (STIGs)) and remediate flaws within directed timeframe
• Perform system and user level backups and configuration of backup offloads IAW system monitoring plans
• Identify and develop authorization boundary diagrams, architecture diagrams, and hardware and software inventories in coordination with the Network Systems Architect/Engineer
• Perform tasks related to compliance of Continuous Monitoring (ConMon) Plans
• Ensure that hardware, software, data, and facility resources are archived, sanitized, or disposed of in a manner consistent with system security plans and requirements
• Participate in the change management process, and assess security impact of proposed changes
• Ability to advise the ISSOs/ISSEs or relevant security personnel to remediate system deficiencies
• Report all security-related concerns and changes that may affect the system to the ISSM
• Provide system administrator support as needed
• Other duties as deemed appropriate for this position

Required Qualifications:

• Active Secret clearance or higher REQUIRED
• Bachelors degree or SEC+ REQUIRED.
• Minimum 3 years’ experience, preferably in a security position for the military, government or government contractor, utilizing systems security engineering experience
• 1 year or more Experience using DISA Security Technical Implementation Guides (STIGs), Security Requirements Guide (SRGs) and Security Content Automation Protocol (SCAP) for hardening of devices
• 1 year or more vulnerability management

Preferred Experience:

• Knowledge of PKI and entitlements management
• Working knowledge of scripting/programming languages (PowerShell, Python, BASH)
• Experience with SPLUNK
• Experience with ACAS

York Space Systems provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, military or protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. Must have permanent authorization to work in US. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.