Cybersecurity Certification and Accreditation Analyst

Amyx is seeking to hire a Cybersecurity Certification and Accreditation (C&A) Analyst for a remote position supporting Defense Operation Technology environments with regards to Authorization of information systems and all associated cybersecurity policies and procedures. The C&A Analyst should possess an understanding of how the security controls identified in the NIST 800-53 apply to the process of assessing and authorizing a large organization's IT infrastructure such as DLA's, in which there is a compilation of large and small enclaves, AIS applications and outsourced IT processes. The C&A Analyst will assist in the determination of the applicable severity value for an identified vulnerability (e.g., non-compliant security control), determine the possible ramifications on the system's current or future authorization, and be required to brief senior management on the progress or results of an information system undergoing the authorization process
Work may include occasional travel to industrial environments and customer sites. Will be required to work with a remote team on all cybersecurity and planning activities.

Identify, assess, and mitigate risks associated with OT systems.
• Work closely with cybersecurity analysts, engineers, and IT/OT professionals to gather information and ensure documentation reflects current practices and configurations.
• Work closely with cybersecurity analysts, engineers, and other stakeholders to ensure effective implementation of security controls.
  
• Implement and maintain continuous monitoring programs for OT environments.
• Conduct security control assessments to evaluate the effectiveness of security controls in place for OT systems.
• Prepare and review accreditation packages, including system security plans (SSPs), risk assessments, and security control assessments
• Must have the ability to communicate accurate information

Required:

* Secret Clearance
* Must be eligible for IT-II
* Five (5) years of relevant C&A experience; Risk Management Framework (RMF) and NIST C&A experience; DOD cybersecurity experience
* Experience in assessing security controls and conducting authorization reviews for large, complex organizations.
* Relevant certification meeting DOD 8570.01 IAM level III, or IAT level II
* Bachelor's degree in Computer Science, Information Technology, Cybersecurity, Engineering, or a related field.

Desired:

* DLA/DOD Experience
* Experience or training in Operational Technology (OT) systems
* Certified Information Systems Security Professional (CISSP); Certified Information Security Manager (CISM); Certified in Risk and Information Systems Control (CRISC); or Global Industrial Cyber Security Professional (GICSP)
* Master's degree.

Benefits include:

• Medical, Dental, and Vision Plans (PPO & HSA options available)
• Flexible Spending Accounts (Health Care & Dependent Care FSA)
• Health Savings Account (HSA)
• 401(k) with matching contributions
• Roth
• Qualified Transportation Expense with matching contributions
• Short Term Disability
• Long Term Disability
• Life and Accidental Death & Dismemberment
• Basic & Voluntary Life Insurance
• Wellness Program
• PTO
• 11 Holidays
• Professional Development Reimbursement

Please contact talent@amyx.com with any questions!

Amyx is proud to be an Equal Opportunity Employer. All qualified candidates will be considered without regard to race, color, religion, national origin, age, disability, sexual orientation, gender identity, status as a protected veteran, or any other characteristic protected by law. Amyx is a VEVRAA federal contractor and we request priority referral of veterans.

Physical Demands

Employee needs to be able to sit at a workstation for extended periods; use hand(s) to handle or feel objects, tools, or controls; reach with hands and arms; talk and hear. Most positions require ability to work on desktop or laptop computer for extended periods of time reading, reviewing/analyzing information, and providing recommendations, summaries and/or reports in written format. Must be able to effectively communicate with others verbally and in writing. Employee may be required to occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds. Regular and predictable attendance is essential.