Cyber Security Analyst
CurrentActively support NIWC PAC TCS group in achieving and sustaining Authority to Operate (ATO) for both new and existing TCS systems, aligning with the Navy's Risk Management Framework (RMF), ensuring compliance with organizational IA and security requirements.Proficiently utilize eMASS to create, manage TCS system records, and initiate workflows encompassing RMF Steps such as Categorization, Control Selection, Implementation, Assessment, Authorization, and Continuous Monitoring, mirroring the requirements for system compliance assessment.Install, configure, and maintain an ACAS server for conducting scans and generating vulnerability reports, adept at uploading these reports to the Vulnerability Remediation Asset Manager (VRAM), contributing to the risk assessment and mitigation strategies.Monitor and evaluate TCS systems for adherence to Security Technical Implementation Guides (STIGs) and SCAP Benchmarks as per DISA standards, ensuring robust security controls and data protection.Manage McAfee ePolicy Orchestrator (ePO) policies, rules, and exceptions, tailoring them to TCS system functionality and end-user operations, ensuring secure and compliant network operations.Provide local and remote TCS system administrators with monthly Information Assurance Vulnerability Alert (IAVA) updates, emphasizing continuous monitoring and cybersecurity enhancement.Implement automation of STIG and ACAS compliance for TCS systems using PowerShell scripts, streamlining RMF continuous monitoring requirements, a key aspect of the role's responsibilities.Developed and maintained scripts/tools for automating imaging, baselining, and backup processes for systems, ensuring their readiness before dispatch to US Navy commands, reflecting the role's focus on ensuring IA and security compliance for IT systems.