Job Description
Job Description The Cyber Risk Assessment Analyst - Intermediate provides technical and analytical support to the DISA Infrastructure Executive by performing cybersecurity standardization and risk management tasks. This position ensures cybersecurity baselines are developed and maintained across IE1 and IE6, and contributes to risk analysis, accreditation, and reporting functions in support of CCRIs, SAVs, and other inspections. Key Tasks & Responsibilities Assist in drafting/maintaining cybersecurity baseline documents including CSSP, CONOPS, PPP, SOPs, and IRPs. Evaluate newly released IAVMs, STIGs, and SRGs for applicability and support preparation of waiver requests when fixes cannot be implemented within required timelines Support development of POA&Ms, ensure submission within 30 days, and update bi-monthly status reports Contribute to the preparation of accreditation packages, due 70-90 days prior to ATO expiration, and ensure all FISMA requirements are met Provide input to FISMA reports, CMRS Risk Status Reports, and ACAS scan results for reporting to the Government ISSM Participate in CCRI, SAV, A&A, and self-assessments, providing documentation/analysis in support of inspections Education & Experience Bachelor's degree or equivalent experience required Command Cyber Readiness Inspection (CCRI) Site Assistance Visit (SAV)/ Assessment and Authorization (A&A) Cyber Self-Assessments Assist in the preparation of CVPA (Cooperative Vulnerability and Penetration Assessment) AA (Adversary Assessment) DISA Risk Management Executive (RME) Decision Support System (DSS) Auditing and reporting of systems, networks, documentation, RMF controls, DoD 8140.03 requirements, IAVMs, STIGs and DISA Task Order (DTO) and CYBERCOM Task Order (CTO) Certification