Position Summary:

Tyto Athene is seeking anRMF Cybersecurity Analyst to join our Colorado team. TheRMF Cybersecurity Analyst supports Cybersecurity Engineering, Continuous Monitoring and Cybersecurity Vulnerability Assessment and Audit (A&A) support.

Responsibilities:

• Conduct system self-assessments on security control compliance for RMF packages prior to submitting and obtaining approvals. If current risks are elevated or new medium/high risks are identified, then approval of those risks should be obtained.
• Create and maintain an SMC/ECP continuous monitoring plan and system-specifics plans for each SMC/ECP system in accordance with cybersecurity policies, guidance, and plan.
• Conduct physical security assessments.
• Report security incidents, violation, or vulnerabilities to the system-level ISSM
• Report all suspected physical and personnel security violations immediately to the unit Special Security Representative (SSR)
• Initiate protective or corrective measures, in coordination with the security manager, when a security incident or vulnerability is discovered.
• Conduct annual Computer Security (COMPUSEC) self-assessments and assist with Self-Assessment Checklist (SAC) review and remediation activities.
• Monitor system performance and review for compliance with security and privacy requirements
• Ensure that compliance monitoring occurs, and review results of such monitoring across the interconnected networked IS.
• Conduct site inspections on the contractor and sub-contractor facilities that have Government Furnished Equipment (GFE) at least once during the system's ATO cycle, at contract renewal, or at the requested time from the Government
• Participate in Emission Security (EMSEC) risk management processes
• Ensure that Cybersecurity requirements are effectively integrated into IS and components.
• Employ best practices when implementing security controls within an IS
• Provide assessment and technical inputs to any system changes for all associated system enclaves
• Perform FISMA required risk assessment of policies, procedures, supplemental plans addressing network, facilities and system security, security awareness training, testing and evaluation of security controls, incident response plan, and continuity of operations plans
• Evaluate the requests for compliance and integration with all applicable cybersecurity policies, Notice to Airmen (NOTAMs), and Technical Change Orders (TCOs)
• Create/maintain a government owned Cyber Schedule that captures all mission cybersecurity activities and actions.
• Provide IS and compliance documentation as required
• Develop and implement special projects tasked by SMC/ECP based on direction from USSF/S6 in coordination with combatant commands, and mission delta
• Provide RMF training/education for program managers and integrated product team leads.
• Support coordination of leadership with supporting personnel, and completion of all action items
• Coordinate and advise with the assessment team and mission organizations to establish requirements, schedule and timeline of assessment events, rules of engagement with the operational and support staff to ensure the least possible impacts on operations
• Assist the assessment team with coordination and submission of any needed documentation for shipment and storage of equipment to and from mission site locations, and gaining connectivity into the system
• Arrange workspace and communication requirements for the assessment team to use while conducting their assessments

Qualifications:

• Active Security Clearance, Secret, Top Secret, or TS/SCI
• DoD 8570.01M IAT/IAM II Certification
  • Sec+ CE, GSEC, CAP, CASP CE, CISM, etc.

• 6+ years of IT experience with 2-3 years focused in security

  • Associates or Bachelor's degrees can supplement years of required experience

Required Experience/Skills:

• Experience with DoD RMF functions and processes and/or DISA Information Assurance Support Environment(IASE)
• Experience with Xacta (desired)
• Experience with FISMA, eMASS and/or ITIPS (desired)

About Tyto Athene
Tyto is an IT services and solutions company that provides mission-focused digital transformation to enhance the client experience and enable them to achieve desired outcomes. Tyto's services and solutions embody its domain expertise in four major Technology domains: Network Modernization, Hybrid Cloud, Cyber Security, and Enterprise IT. Tyto offers a broad range of service delivery models including design/install projects, Managed Services, and 'As-a-Service'. With over fifty years of experience, Tyto supports Defense, Intelligence, Space, National Security, Civilian, Health and Public Safety clients across the United States and around the globe.

After several strategic acquisitions in 2021, Tyto Athene has experienced enormous opportunity and growth. Aside from being the leading provider of mission-focused IT and Cyber services and solutions to critical U.S. government agencies, Tyto is well-positioned to meet the growing demand for network modernization requirements across the federal enterprise.

Our employees are the key to the innovation that has made Tyto a success. We provide an environment that is geared to reward potential, innovation, and teamwork. If you would like to unleash your creativity and your career - it's time to join Team Tyto!