DCE Cybersecurity Analyst - Honolulu, United States - Innovative Management Concepts, Inc.

Description

Job Description

The DCE Cyber Security Analyst is responsible for all areas of IT cybersecurity and assisting the USARPAC G61 (CSPMO) in managing missions intended to preserve the ability to utilize blue cyberspace capabilities and protect data, networks, cyberspace-enabled devices, and other designated systems by defeating on-going or imminent malicious cyberspace activity. This position will serve as the G6 lead for all matters related to the defense of the cyber domain as it pertains to USARPAC.
Duties / Responsibilities: This position will include, but is not limited to, the following tasks:

• Responsible for oversight and accountability of day-to-day security operations of cybersecurity tasks.
• Develop and maintain compliant security architecture by implementing current policies, procedures, and standards to provide a layered approach to cybersecurity.
• Evaluate policies against applicable standards for regulatory compliance.
• Assess USARPAC Physical, personnel, facility, and information systems, through policies and controls IAW Army Regulations, Department of Defense (DoD) Directives and Instructions.
• Integrate the current program into existing Warfighting functions, plans, and policies.
• Develop and plan for Cyber Mission Forces integration.
• Develop Cyber training objectives and maximize use during exercises.
• Manage the Cyber Battle Rhythm.
• Maintain awareness of all cyber activities in the Pacific AO.
• Identify Cyber Theater Critical Assets (TCA) for USARPAC and Joint leadership awareness.
• Provide COMSEC distribution to the appropriate authorized agency and organization in the Pacific Theater.
• Disseminate OPORDs/CVEs from INDOPACOM to USARPAC supporting commands for action and reporting.
• Work with system owners to maintain current Authorities to Operate in a manner compliant with Federal Information Security Management Act (FISMA), DoD Risk Management Framework (RMF), and National Institute of Standards and Technology (NIST) guidance.
• Represent the USARPAC G6 and CG in briefings and meetings regarding the cybersecurity posture of the AOR.
• Coordinate with Offensive and Defensive Cyber teams in exercise or contingency operations.

The Analyst will:

• Attend technical meetings as requested by the Govt. Cybersecurity Program Manager, providing comments and recommendations when required.
• Assist in the review and drafting of policy, SOPs, and directives as required.
• Ensure appropriate Secure Technical Implementation Guidelines (STIG) are maintained through monthly POAM review.
• Review Plans of Action & Milestones (POA&M) for currency and mitigations to identify vulnerabilities.
• Provide recommendations on Cybersecurity perspectives for proposed changes, initiatives, and projects.
• Review change requests, system connection requests, and requests for exceptions to policy to DODIN-AP networks. Determine associated risk and draft Memorandums for Record for all requests with recommendation to the Authorizing Official via CSPMO review.
• Validate assets comply with Army Gold Master configuration, DISA STIG compliant, and meet all requirements of the Change Request process prior to recommending connection to the DODIN-AP network.
• Review all change requests for completeness, accuracy, and residual risk prior to providing approval Memorandum for Request to the Cybersecurity SME.

The Analyst will support C&A activities including:

• Ensure the Network Enterprise Centers and USARPAC controlled assets comply with eMASS and AO direction for all connections to the DODIN-AP NIPR and SIPR in support of their Authority to Connect (ATC) and Authority to Operate (ATO).

The Analyst will support the CCRI and OIP processes including:

• Provide support to the CCRI assessment team during scheduled and unscheduled inspections.
• Ensure Network Enterprise Commands (NECs) and Regional Cyber Center (RCCs) comply with all applicable CCRI requirements (e.g., Technical, CND Directives, Contributing Factors, etc.), as command team member for the Site Assist Visit (pre-CCRI inspection). Report status, findings, and results.
• Support post-CCRI finding remediation. Assist with the planning, executing, and documenting CCRI finding remediation activities.
• Provide support to the Organizational Inspection Program (OIP) prior to, during, and following all OIP inspections.
• Evaluate Command personnel during all OIP inspections. Document all findings; teach and train personnel on how to correct findings and provide recommendations to preclude the recurrence of findings.

Cybersecurity support for Exercises:

• Review, analyze, and recommend connections for Authorizing Official (AO) approval.
• Work with exercise participants to develop proper documentation for presenting to the AO.
• Participating in pre-exercise meetings as directed by the government.

Basic Required Qualifications and Skills: Note: These are mandatory items that all candidates must have when making application to IMC for this position. Please ensure that your submission addresses each of these requirement items. Candidates without these required elements will not be considered.

• At start date, must possess IAM Level III certification in ACTIVE status. One or more of the following certifications are acceptable:
  • GSLC - GIAC Security Leadership Certification
  • CISM - Certified Information Security Manager
  • CISSP - Certified Information Systems Security Professional (or Associate)
• 10+ years cybersecurity experience preferably working directly with the Army.
• 5+ years knowledge of DoD and Army cybersecurity policy.
• Experience with Mission Partner Environment enclave.
• Experience with USARPAC Area of Responsibility (AOR).
• Experience in presenting and arguing for acceptance of new concepts to Senior Leadership.
• Strong interpersonal and relationship building skills.
• Ability to evaluate data to quickly identify problems, issues, and gaps.
• Excellent oral, written, and verbal communication skills, with experience addressing senior leaders.
• Pursuant to a government contract, this specific position requires U.S. Citizenship.
• All applicants must have current DoD Top Secret clearance with SCI eligibility day one and prior to entry on duty.

Desired Qualifications and Skills: It is desirable that the candidate has the following qualifications:

• Capable of conducting technical research on cybersecurity issues and products and producing a whitepaper for leadership review.
• Experience working with USARPAC and INDOPACOM AOR and familiar with the command structures.
• Experience in briefing senior executive leaders and General Officers.
• A relevant educational degree in one of the following fields: Computer Science, Information Systems, Information Technology, Cyber Security, Statistics, Business Administration, Systems Engineering, Computation Science, Computer Engineering, Electrical Engineering, Data Analytics, Information Technology, Information Security and Assurance, Mathematics, Software Engineering, Systems Engineering, or Telecommunications.
• Experience with Cloud Cyber Security.

Salary and Benefit Information:
Please see the salary information listed at the beginning of this document, which is not a guarantee of compensation or salary. All salaries will be based on relevant experience, geographic location, and position and/or contractual requirements, which could fall outside of the listed range. For more information about IMCs benefits, please visit our website at

Background Information:
Innovative Management Concepts, Inc. (IMC), a Service-Disabled Veteran-Owned Small Business, provides a broad range of information technology IT services to government and commercial customers by placing a high priority on modernization, enhancing business processes through technology, and creating efficiencies through automation. Since its founding in 1989, IMC has offered solutions and expertise in: IT operations and maintenance, data management, cyber security, systems and network engineering and administration, cloud/hosting services, software development, website services, software quality assurance and testing (including IV&V), and project management. IMC is certified in International Organization for Standardization (ISO) 9001 Quality Management, ISO 27001 Information Technology Security Management, ISO 20000 Information Technology Service Management, and ISO 14001 Environmental Management System. Committed to continuous improvement and information security, IMC has been appraised at level 3 of the CMMI Institutes Capability Maturity Model Integration for both Development and Services and we are CMMC Level 2 (Ver 2.0) compliant. Find out more about IMC at

We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law.