About Special Aerospace Security Services:
Started in 1988, Special Aerospace Security Services (SASSI) is a Woman Owned Small Business (WOSB) focused on delivering national security mission solutions to the U.S. Government in support of their vital role in protecting the United States of America. Known for highly interactive training provided by nationally recognized security experts from a wide variety of different security disciplines. SASSI has three operating Divisions that cover all aspects of security services: Integrated Security Solutions (ISS), Health Security Services (HSS), and the National Security Training Institute (NSTI). Our areas of expertise include: Personnel, Physical, Cyber, and Health Security, including Management Consulting, Risk Management, Emergency Preparedness and Response, and Working Dog Health and Wellness Support.
Description:
Join SASSI, the best results are achieved through a dedicated, hard working team. We strive to provide our customers with the best talent and support available to enable the successful achievement of mission goals as efficiently as possible
We are seeking Cyber Security Analysts with active TS (with SCI eligibility) clearance to support the Department of Defense.
Responsibilities will include but are not limited to:
The contractor shall support the CS exercise program during the planning stages, work to ensure that the DOD CIO’s equities are adequately represented in upcoming cyber exercises. The contractor shall support actions involved with the successful execution of DCIO CS sponsored exercises and conduct post-exercise analyses on cyber and related data and outcomes such as developing synopses and presentation of findings and observations, and other after-action requirements.
The contractor shall provide technical insight and recommendations on current enterprise wide cyber security tools (e.g., Assured Compliance Assessment Solution (ACAS), Endpoint Security System (ESS) and and proposed enterprise capability areas for network access solutions, real-time assessment solutions, active endpoint threat detection and response, along with strategies, for introducing Security Orchestration and Automated Reporting (SOAR) to improve DoD continuous monitoring efforts and cybersecurity process automation.
The contractor shall provide assistance for development of the Chairman, Joint Chiefs of Staff, Mission Partner Environment network architectures and policy formulation, with the goal of better enabling integration and access to data supporting operational planning, and key information security mission tactics, techniques, and procedures with Coalition Allies and Foreign Mission Partners.
The contractor shall assist the Government with the implementation and use of metrics to track and analyze compliance to strategic operational, cyber, and information assurance objectives to DoD policies and directives (i.e. 8500 series of Issuances), technical guidance (e.g. Security Technical Implementation Guides), and to other applicable governance and policy issuances.
The contractor shall provide expertise to assist the Government in directing and monitoring the performance of the DoD cybersecurity activities and programs through the execution of a portfolio management process. This includes transitioning towards use of a common hierarchical perspective of the portfolio to facilitate a consistent method to summarize and detail portfolio 'health'.
The contractor shall assist the Government with the design of the DoD cyber compliance & verification program to include those of the DoD Agencies and Field Activities. Applicable design elements include a data collection plan, technology solutions for compliance monitoring and reporting, and an assessment and reporting plan.
The contractor shall provide support for the Information System Continuous Monitoring (ISCM) Program with technical and non-technical analysis of enterprise and non-enterprise cybersecurity tools and capabilities. Assist with the development of ISCM strategies, policies, standards, guidance, and best practices. Support ISCM architecture and engineering reviews as ISCM capabilities are identified for transfer to the JIE Single Security Architecture. Support ISCM Program requirements analysis, leadership, implementation, and transition planning and reporting.
Required Qualifications:
Between 5 - 10 years IA/Cyber Security experience developing and executing IA, CND, Cybersecurity policy and programs within DoD. Possess working knowledge of DoD policies, directives and instructions (i.e. 8500 series) and technical guidance.
Related experience: Endpoint Security & Information Security Continuous Monitoring (ISCM), Risk Management Framework Implementation and Governance, DoD IA/Cyber Response Compliance Requirements, Federal Information Security Management Act (FISMA), Cybersecurity Service Provider (CSSP) Program, cyber security, National Institute of Standards and Technology (NIST) Special Publication series documents and guidance (i.e.: SP800-53 Revision 4), knowledge of relevant DoD components, IA Portfolio and Governance Management, and Cloud Computing.
Desired Qualifications:
Experience with Microsoft Azure and AWS
Experience with Tableau, Splunk, or Power BI for security data analytics
Experience with ServiceNow for GRC workflow management and tracking
Experience with RedSeal for networking mapping and vulnerability impact assessments
Experience generating RMF A&A Packages or overseeing a team and resolving challenges
Experience with both commercial and government organizations (e.g., Legislative Branch, DoD, or State and Local
Bachelor's Degree
CISSP