CSSP Analyst

Koniag Data Solutions, LLC a Koniag Government Services company, is seeking a CSSP Analyst with a Top- Secret security clearance to support KDS and our government customer in Washington, DC.

We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.

Koniag Data Solutions is seeking skilled Cybersecurity Service Provider (CSSP) Analysts to support the Department of Energy's National Nuclear Security Administration (DOE NNSA). The ideal candidates will have strong analytical skills, experience in vulnerability management, and the ability to manage complex security documentation and processes. These positions require professionals who can effectively manage vulnerability reporting while ensuring compliance with federal regulations and requirements. Candidates must be eligible for the appropriate security clearance.

Essential Functions, Responsibilities & Duties may include, but are not limited to :

The CSSP Analysts will be responsible for managing vulnerability management reporting, tracking and updating policies and procedures, and ensuring sites operate in accordance with established policies. Principal responsibilities include :

Manage and execute vulnerability management reporting processes for NNSA Subscriber Sites

Track, draft, and update CSSP policies and procedures in alignment with DoD and federal requirements

Interface with subscriber sites to provide assistance and ensure operational compliance with established policies

Support the application of Enterprise Security Management (ESM) through programmatic reviews

Collaborate with the Information Assurance Response Center (IARC) NOC / SOC for technical implementation of boundary monitoring and incident response

Work with hardening guidance and standards for DoD in application to CSSP and Subscriber Sites

Track and maintain annual documentation reviews to ensure compliance and currency

Develop ESM metrics in Enterprise Archer for CSSP to align with annual reviews

Support CCRI Auditors for local assessments and provide assistance during auditing activities

Develop Monthly Site Report (MSR) integration processes, documentation, and train personnel on these processes

Conduct port, credential scanning, and monthly vulnerability reporting using Tenable Security Center for NNSA Subscriber Sites

Create and maintain master POC lists for NNSA Subscriber Sites

Process and manage network diagrams and site portfolios

Produce monthly hardware and software asset lists as identified by centralized scanning devices

Conduct annual CSSP hardware and software inventories

Provide computer security support for an Enterprise network environment

Develop improvements for TSC scanning, reports, and processes for exception tracking, POC lists, and portfolios

Develop PKI Policy for CSSP and NNSA Enterprise based on NIST SP 800-32, CNSS-015-2016 Guidance, and DoD NSS PKI Best Practices

Establish rapport with enterprise site personnel for troubleshooting issues, site notices, document updates, and policy requirements

Serve as a derivative classifier for classification review following established guidelines

Work with Enterprise ISSMs to inform changes to ISAs and other enterprise documentation

Collaborate with Enterprise ISSE Team to support Tenable Security Center and Cyber Tool Access

Maintain account access to Tenable, including processing forms, confirming training, managing access, and troubleshooting issues

Education and Experience :

Required :

Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field

Minimum of 5+ years of experience in cybersecurity or information security

Experience with vulnerability management tools and processes, particularly Tenable Security Center

Experience with cybersecurity policy development and implementation

Experience with cybersecurity documentation and compliance management

Experience working with federal agencies, particularly DOE, NNSA, or Department of Defense

Required Skills and Competencies :

Strong knowledge of cybersecurity principles, practices, and technologies

Proficiency with vulnerability scanning tools, particularly Tenable Security Center

Experience with vulnerability management processes and remediation strategies

Knowledge of NIST frameworks, particularly the Risk Management Framework (RMF)

Understanding of DoD security requirements and hardening standards

Strong analytical and problem-solving skills

Excellent documentation skills and attention to detail

Ability to develop and maintain technical documentation

Experience with asset management and inventory processes

Ability to develop and deliver technical training

Excellent communication skills with the ability to build rapport with site personnel

Knowledge of PKI implementation and management

Ability to obtain and maintain required security clearance

Experience with derivative classification and handling of sensitive information

Familiarity with Enterprise Security Management (ESM) concepts

Ability to work independently and as part of a team

Clearance Requirement :

• Top Secret security clearance / Q

Desired Skills and Competencies :

Master's degree in Cybersecurity, Information Technology, or related field

Certifications such as CISSP, Security+, CEH, GIAC certifications, or equivalent

Experience specifically with DOE NNSA cybersecurity requirements

Experience with Enterprise Archer or similar GRC platforms

Experience with Command Cyber Readiness Inspections (CCRI)

Experience developing SOPs and technical documentation

Knowledge of Information Assurance Response Center (IARC) operations

Experience with network diagram analysis and documentation

Prior experience as a derivative classifier

Familiarity with NNSA classification guides and CUI marking requirements

Experience with enterprise-wide vulnerability management programs

Knowledge of DoD Information Assurance Certification and Accreditation Process (DIACAP) or Risk Management Framework (RMF)

Our Equal Employment Opportunity Policy

The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military / veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.

The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703-488-9377 to request accommodations.

Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com .

Eq ual Opportunity Employer / Veterans / Disabled. Shareholder Preference in accordance with Public Law 88-352

Job Details

Job Family IT, Cyber Security, Network Systems

Job Function Cyber Security Operations Analyst

Pay Type Salary