Job Description
** ACTIVE CLEARANCE REQUIRED
COMPANY OVERVIEW
Systems Technology Forum LTD (STF) is an established industry partner with a passion for exceptional performance and an unwavering commitment to our clients. As a premier provider of management, engineering, information technology, and logistics services, STF is committed to delivering high-quality systems engineering, technical and professional support services that meet and exceed deliverable requirements.
STF offers superior out-of-the-box solutions to end-to-end problems and customer-centric support to the United States Government, Military, Department of Defense (DoD), and other federal agencies.
JOB SUMMARY
The Vulnerability Remediation Asset Management (VRAM) Cybersecurity Analyst is charged with monitoring, tracking, and reporting IAVMs, CVEs, and the fulfillment of EXORD/ CTO requirements as these relate to “scan-patch-scan” Cyber operations. In tandem with these duties, the applicant should have ACAS (Nessus) scanning and Security Center familiarity as a secondary skill.
The VRAM analyst will update N62’s Cybersecurity Readiness dashboard(s) and provide compliance statistics for N6 leadership weekly. These compliance statistics relate to the Cybersecurity mission of ensuring security patches are applied (compliant) throughout an approximately 124 ship fleet. Your job will include fostering a good working relationship with Command ISSMs, NCDOC personnel and MSC NOC operations personnel to ensure the desired Cybersecurity level of ships and their on-board networks (AR2, SMIS, ACGv, COMPOSE).
RESPONSIBILITIES AND DUTIES
Interprets VRAM (v3) output for reporting purposes. Provide status of open trouble tickets regarding the MSC Fleet ships. Analyze fleet provided network scan data to determine vulnerability and fault conditions that may hinder the monthly application of security patches. The candidate will evaluate and analyze the associated scans, CVEs and IAVAs with remediation patches supplied to the fleet. Analyze VRAM extracts to determine fleet vulnerability trends by ship/ network/ asset and aid in the development of MSC platform specific fixes or mitigations. Analyze data in IAVM Status Reports prior to delivery to identify areas of interest to the CYBERSECURITY Program and delineate any anomalies. Analyze data from VRAM scan extracts and IAVM Status Reports to determine the effectiveness of fixes and mitigations. The VRAM Analyst will support the operations of associates who apply patches either on-board or by remote means. This may require scanning the target ship’s network for pre and post-patching analysis. Scans are pre-configured by NOC but a general working knowledge of ACAS is expected. Verify success of scan and patch efforts through post scan report analysis conducted by patch team during ship visits. Analyze computer network system configurations in relation to the accepted baseline configurations and identify root cause issues for systems resistant to patching. Track/ monitor CTOs from inception to full compliance. Information provided will be used to validate and update the CTO Compliance spreadsheet hosted on the MSC portal. Update the N6 briefing slides contained within PowerPoint on the MSC SIPR share drive weekly or upon request.
QUALIFICATIONS AND SKILLS
REQUIRED KNOWLEDGE AND YEARS OF EXPERIENCE
5-10 years in a role of Cybersecurity support.
Analytical mindset/natural curiosity for problem-solving. A general working knowledge of ACAS is expected. Advanced working knowledge of Excel for performing IAVM tracking across the fleet for weekly reporting as well as for ad hoc requests to support ISSMs and higher leadership. Advanced capability to work in Excel. A comprehensive working knowledge of VRAM v2 and an aptitude to develop into a VRAM v3 SME. Experience with Incident handling (incidents and electronic spillages as an ancillary duty is desired). Minimum of 5 years’ experience in the Cyber Security field working with and analyzing VRAM, CTOs, Shipboard Scan data and reporting findings in an established format. Proficiency with MS Word, Excel and Power Point. Help Desk experience in these areas are helpful.
EDUCATION REQUIREMENTS
High School diploma minimum. Technical training in IT and Cybersecurity that lead to IAM Level II certification.
CERTIFICATIONS
REQUIRED: IAM Level II IAW DoD Directive 8570.01M. Certificate must be provided for validation before a offer is tendered.
CLEARANCE REQUIREMENT
Secret Clearance Required
BENEFITS AND PERKS
At STF, we recognize that talented employees are the foundation of our success. STF provides benefits and compensation packages to help our employees meet the diverse and changing needs throughout their careers and lives.
BENEFITS PACKAGES INCLUDE THE FOLLOWING:
Powered by JazzHR
wFlxOV6Qjt