Quadrus Corporation is seeking a Cyber Information Systems Security Analyst Level 3/4.

This position will be located in Roy, UT. This position requires travel to the supplier sites to interface directly in person with suppliers. Travel is up to 50%. Must have a clearance.

Responsibilities will include but not be limited to the following:

• Collaborate with suppliers in a matrixed environment in support of various ATO supporting activities.
• Establish strict program control processes to ensure mitigation of risks and support obtaining certification and accreditation of systems; this includes support of process, analysis, coordination, security certification test, security documentation, as well as investigations, software research, hardware introduction and release, emerging technology research inspections, and periodic audits.
• Assist in the implementation of the required government policy (i.e., JSIG, DAAPM) and make recommendations on process tailoring, and participate in and document process activities.
• Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards.
• Support the formal Security Test and Evaluation (ST&E) required by each government authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports.
• Document the results of Assessment and Authorization activities and technical or coordination activity and prepare the system Security Plans and update the Plan of Actions and Milestones POA&M.
• Periodically conduct a complete review of each system's audits and monitor corrective actions until all actions are closed.

This position may be filled at a higher level based on the qualifications below.

Basic Qualifications Level 3:

• Associate's degree with 7 years of experience, or Bachelor's degree with 5 years of experience, or Master's degree with 3 years of experience; a High School diploma or equivalent with 19years of experience may be considered in lieu of a completed degree.
• Current DoD Secret level security clearance with an original adjudication, or a periodic reinvestigation date, completed within the last 6 years; maintaining the required security clearance will be a condition of continued employment.
• The ability to obtain a Special Access Programs (SAP/SAR) clearance within a reasonable period of time as determined by the company, and also by customer and/or program requirements; maintaining a SAP clearance will be a condition of continued employment.
• Current DoD 8570 IAM Level II security certification (i.e CAP, CISSP, etc.)
• Demonstrated expert knowledge of cybersecurity practices, network technologies, and system development life-cycles, in addition to an understanding of information technology infrastructure management/monitoring and applications.
• Experience developing guidelines, monitoring policies, and enforcing standards for cybersecurity frameworks and industry best practices supporting National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, CNSSI 1253, and DoD Risk Management Framework (RMF).

Basic Qualifications Level 4:

• Associate's degree with 11 years of experience, or Bachelor's degree with 9 years of experience, or Master's degree with 7 years of experience; a High School diploma or equivalent with 13 years of experience may be considered in lieu of a completed degree.
• Current DoD Secret level security clearance with an original adjudication, or a periodic reinvestigation date, completed within the last 6 years; maintaining the required security clearance will be a condition of continued employment.
• The ability to obtain a Special Access Programs (SAP/SAR) clearance within a reasonable period of time as determined by the company, and also by customer and/or program requirements; maintaining a SAP clearance will be a condition of continued employment.
• Current DoD 8570 IAM Level II security certification (i.e CAP, CISSP, etc.)
• Demonstrated expert knowledge of cybersecurity practices, network technologies, and system development life-cycles, in addition to an understanding of information technology infrastructure management/monitoring and applications.
• Experience developing guidelines, monitoring policies, and enforcing standards for cybersecurity frameworks and industry best practices supporting National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, CNSSI 1253, and DoD Risk Management Framework (RMF).

Preferred Qualifications:

• Working knowledge of Microsoft and Linux Red Hat operating system.
• Working knowledge and understanding of auditing, vulnerability scanning/remediation, SIEMs, DISA STIGs, configuration/change control, and implementation of Risk Management Framework.
• Strong verbal and written communication skills to produce coherent and concise documentation required for certification evaluation.