Koniag Data Solutions, LLC a Koniag Government Services company, is seeking a CSSP Analyst with a Top- Secret security clearance to support KDS and our government customer in Washington, DC.
We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.
Koniag Data Solutions is seeking skilled Cybersecurity Service Provider (CSSP) Analysts to support the Department of Energy's National Nuclear Security Administration (DOE NNSA). The ideal candidates will have strong analytical skills, experience in vulnerability management, and the ability to manage complex security documentation and processes. These positions require professionals who can effectively manage vulnerability reporting while ensuring compliance with federal regulations and requirements. Candidates must be eligible for the appropriate security clearance.
Essential Functions, Responsibilities & Duties may include, but are not limited to:
The CSSP Analysts will be responsible for managing vulnerability management reporting, tracking and updating policies and procedures, and ensuring sites operate in accordance with established policies. Principal responsibilities include:
Manage and execute vulnerability management reporting processes for NNSA Subscriber Sites
Track, draft, and update CSSP policies and procedures in alignment with DoD and federal requirements
Interface with subscriber sites to provide assistance and ensure operational compliance with established policies
Support the application of Enterprise Security Management (ESM) through programmatic reviews
Collaborate with the Information Assurance Response Center (IARC) NOC/SOC for technical implementation of boundary monitoring and incident response
Work with hardening guidance and standards for DoD in application to CSSP and Subscriber Sites
Track and maintain annual documentation reviews to ensure compliance and currency
Develop ESM metrics in Enterprise Archer for CSSP to align with annual reviews
Support CCRI Auditors for local assessments and provide assistance during auditing activities
Develop Monthly Site Report (MSR) integration processes, documentation, and train personnel on these processes
Conduct port, credential scanning, and monthly vulnerability reporting using Tenable Security Center for NNSA Subscriber Sites
Create and maintain master POC lists for NNSA Subscriber Sites
Process and manage network diagrams and site portfolios
Produce monthly hardware and software asset lists as identified by centralized scanning devices
Conduct annual CSSP hardware and software inventories
Provide computer security support for an Enterprise network environment
Develop improvements for TSC scanning, reports, and processes for exception tracking, POC lists, and portfolios
Develop PKI Policy for CSSP and NNSA Enterprise based on NIST SP 800-32, CNSS-015-2016 Guidance, and DoD NSS PKI Best Practices
Establish rapport with enterprise site personnel for troubleshooting issues, site notices, document updates, and policy requirements
Serve as a derivative classifier for classification review following established guidelines
Work with Enterprise ISSMs to inform changes to ISAs and other enterprise documentation
Collaborate with Enterprise ISSE Team to support Tenable Security Center and Cyber Tool Access
Maintain account access to Tenable, including processing forms, confirming training, managing access, and troubleshooting issues
Education and Experience:
Required:
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field
Minimum of 5+ years of experience in cybersecurity or information security
Experience with vulnerability management tools and processes, particularly Tenable Security Center
Experience with cybersecurity policy development and implementation
Experience with cybersecurity documentation and compliance management
Experience working with federal agencies, particularly DOE, NNSA, or Department of Defense
Required Skills and Competencies:
Strong knowledge of cybersecurity principles, practices, and technologies
Proficiency with vulnerability scanning tools, particularly Tenable Security Center
Experience with vulnerability management processes and remediation strategies
Knowledge of NIST frameworks, particularly the Risk Management Framework (RMF)
Understanding of DoD security requirements and hardening standards
Strong analytical and problem-solving skills
Excellent documentation skills and attention to detail
Ability to develop and maintain technical documentation
Experience with asset management and inventory processes
Ability to develop and deliver technical training
Excellent communication skills with the ability to build rapport with site personnel
Knowledge of PKI implementation and management
Ability to obtain and maintain required security clearance
Experience with derivative classification and handling of sensitive information
Familiarity with Enterprise Security Management (ESM) concepts
Ability to work independently and as part of a team
Clearance Requirement:
Top Secret security clearance/Q
Desired Skills and Competencies:
Master's degree in Cybersecurity, Information Technology, or related field
Certifications such as CISSP, Security+, CEH, GIAC certifications, or equivalent
Experience specifically with DOE NNSA cybersecurity requirements
Experience with Enterprise Archer or similar GRC platforms
Experience with Command Cyber Readiness Inspections (CCRI)
Experience developing SOPs and technical documentation
Knowledge of Information Assurance Response Center (IARC) operations
Experience with network diagram analysis and documentation
Prior experience as a derivative classifier
Familiarity with NNSA classification guides and CUI marking requirements
Experience with enterprise-wide vulnerability management programs
Knowledge of DoD Information Assurance Certification and Accreditation Process (DIACAP) or Risk Management Framework (RMF)
Our Equal Employment Opportunity Policy
The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.
The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703-488-9377 to request accommodations.
Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com .
Eq ual Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352
Job Details
Job Family IT, Cyber Security, Network Systems
Job Function Cyber Security Operations Analyst
Pay Type Salary
