• CSSP Analyst

    Koniag Government Services (Washington, DC)


    Koniag Data Solutions, LLC a Koniag Government Services company, is seeking a CSSP Analyst with a Top- Secret security clearance to support KDS and our government customer in Washington, DC.

     

    We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.

     

    Koniag Data Solutions is seeking skilled Cybersecurity Service Provider (CSSP) Analysts to support the Department of Energy's National Nuclear Security Administration (DOE NNSA). The ideal candidates will have strong analytical skills, experience in vulnerability management, and the ability to manage complex security documentation and processes. These positions require professionals who can effectively manage vulnerability reporting while ensuring compliance with federal regulations and requirements. Candidates must be eligible for the appropriate security clearance.

    Essential Functions, Responsibilities & Duties may include, but are not limited to:

    The CSSP Analysts will be responsible for managing vulnerability management reporting, tracking and updating policies and procedures, and ensuring sites operate in accordance with established policies. Principal responsibilities include:

     

    + Manage and execute vulnerability management reporting processes for NNSA Subscriber Sites

    + Track, draft, and update CSSP policies and procedures in alignment with DoD and federal requirements

    + Interface with subscriber sites to provide assistance and ensure operational compliance with established policies

    + Support the application of Enterprise Security Management (ESM) through programmatic reviews

    + Collaborate with the Information Assurance Response Center (IARC) NOC/SOC for technical implementation of boundary monitoring and incident response

    + Work with hardening guidance and standards for DoD in application to CSSP and Subscriber Sites

    + Track and maintain annual documentation reviews to ensure compliance and currency

    + Develop ESM metrics in Enterprise Archer for CSSP to align with annual reviews

    + Support CCRI Auditors for local assessments and provide assistance during auditing activities

    + Develop Monthly Site Report (MSR) integration processes, documentation, and train personnel on these processes

    + Conduct port, credential scanning, and monthly vulnerability reporting using Tenable Security Center for NNSA Subscriber Sites

    + Create and maintain master POC lists for NNSA Subscriber Sites

    + Process and manage network diagrams and site portfolios

    + Produce monthly hardware and software asset lists as identified by centralized scanning devices

    + Conduct annual CSSP hardware and software inventories

    + Provide computer security support for an Enterprise network environment

    + Develop improvements for TSC scanning, reports, and processes for exception tracking, POC lists, and portfolios

    + Develop PKI Policy for CSSP and NNSA Enterprise based on NIST SP 800-32, CNSS-015-2016 Guidance, and DoD NSS PKI Best Practices

    + Establish rapport with enterprise site personnel for troubleshooting issues, site notices, document updates, and policy requirements

    + Serve as a derivative classifier for classification review following established guidelines

    + Work with Enterprise ISSMs to inform changes to ISAs and other enterprise documentation

    + Collaborate with Enterprise ISSE Team to support Tenable Security Center and Cyber Tool Access

    + Maintain account access to Tenable, including processing forms, confirming training, managing access, and troubleshooting issues

    Education and Experience:

    Required:

    + Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field

    + Minimum of 5+ years of experience in cybersecurity or information security

    + Experience with vulnerability management tools and processes, particularly Tenable Security Center

    + Experience with cybersecurity policy development and implementation

    + Experience with cybersecurity documentation and compliance management

    + Experience working with federal agencies, particularly DOE, NNSA, or Department of Defense

    Required Skills and Competencies:

    + Strong knowledge of cybersecurity principles, practices, and technologies

    + Proficiency with vulnerability scanning tools, particularly Tenable Security Center

    + Experience with vulnerability management processes and remediation strategies

    + Knowledge of NIST frameworks, particularly the Risk Management Framework (RMF)

    + Understanding of DoD security requirements and hardening standards

    + Strong analytical and problem-solving skills

    + Excellent documentation skills and attention to detail

    + Ability to develop and maintain technical documentation

    + Experience with asset management and inventory processes

    + Ability to develop and deliver technical training

    + Excellent communication skills with the ability to build rapport with site personnel

    + Knowledge of PKI implementation and management

    + Ability to obtain and maintain required security clearance

    + Experience with derivative classification and handling of sensitive information

    + Familiarity with Enterprise Security Management (ESM) concepts

    + Ability to work independently and as part of a team

    Clearance Requirement:

    + Top Secret security clearance/Q

    Desired Skills and Competencies:

    + Master's degree in Cybersecurity, Information Technology, or related field

    + Certifications such as CISSP, Security+, CEH, GIAC certifications, or equivalent

    + Experience specifically with DOE NNSA cybersecurity requirements

    + Experience with Enterprise Archer or similar GRC platforms

    + Experience with Command Cyber Readiness Inspections (CCRI)

    + Experience developing SOPs and technical documentation

    + Knowledge of Information Assurance Response Center (IARC) operations

    + Experience with network diagram analysis and documentation

    + Prior experience as a derivative classifier

    + Familiarity with NNSA classification guides and CUI marking requirements

    + Experience with enterprise-wide vulnerability management programs

    + Knowledge of DoD Information Assurance Certification and Accreditation Process (DIACAP) or Risk Management Framework (RMF)

    Our Equal Employment Opportunity Policy

    The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.

     

    The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at [email protected] or by calling 703-488-9377 to request accommodations.

     

    _Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit_ _www.koniag-gs.com_ _._

     

    Eq** **_ual Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352_

    Job Details

    Job Family** **IT, Cyber Security, Network Systems

     

    Job Function** **Cyber Security Operations Analyst

     

    Pay Type** **Salary