Skills: IT - Analysis & Management
Experience: 4 + Years
Education: Associates/2 yr Degree/Diploma
Location: Hanover, Maryland, United States
No location/work authorization restrictions found.
Oceaneering is a global provider of engineered services and products, primarily to the offshore energy industry. We develop products and services for use throughout the lifecycle of an offshore oilfield, from drilling to decommissioning. We operate the world's premier fleet of work class ROVs. Additionally, we are a leader in offshore oilfield maintenance services, umbilicals, subsea hardware, and tooling. We also use applied technology expertise to serve the defense, entertainment, material handling, aerospace, science, and renewable energy industries.
The Project Cybersecurity Analyst is responsible for all aspects of cybersecurity for assigned systems. This may include the administration of network devices, servers, desktop systems, communications hardware/software, and office systems
Duties & Responsibilities
- Prepare and edit Certification & Accreditation (C&A) and System Assessment & Authorization (SA&A) as part of NIST SP 800-37 Risk Management Framework (RMF) system. Prepare application accreditation packages for assigned systems.
- Monitors authorizations to ensure annual requirements are met. Prepare and update packages as necessary to support re-authorization as needed for assigned systems. Prepare and submit reports on authorization status.
- Ensure security measures are implemented, operational, managed, and validated as outlined in published security plans. Ensure system(s) maintain compliance with authorization(s).
- Perform continuous monitoring tasks and prepare documentation for assigned systems in support of Authorizations to Operate (ATOs). Perform Security control assessments as part of Continuous Monitoring NIST SP 800-53 V4 compliance sustainment for application, infrastructure, and network.
- Perform configuration management and prepare documentation for assigned systems in support of ATOs.
- Prepare and analyze event analysis and triage (gathering information, deriving conclusions, driving mitigations) and assist in preparing incident reports.
- Maintain required mandatory certifications as necessary to support assignment as a privileged user and sustain DoD IA training and certification requirements IAW DoD 8570.1M
- Assist in the development, documentation, and support of user training plan(s).
- Proactively look for ways to better apply technology to the organization's primary mission; answer questions, resolve problems, and communicate changes in software and operations.
- Evaluate the impact of system and network changes; prepare documentation to support re-approval of the security packages as appropriate.
- As assigned, perform administrative tasks for systems, including data backup support, system security, and user account management support.
- As assigned, provide support for servers, network and desktop hardware, software, and applications. Monitor the day-to-day activities on system and document changes as required.
- Perform technology needs analysis end-to-end.
- Roll out hardware and software to ensure optimal deployment of resources.
- Provide occasional field installation support. A few one-week trips per year to be expected.
- Plan and assist in hands-on cable routing and hardware maintenance.
- Manage and maintain hardware and software packages for assigned systems. Maintain lists of software and hardware and update documentation.
- As assigned, perform or validate backups and backup storage.
- May assist in training entry level Cybersecurity Analysts.
- Additional duties as assigned.
- This position has no supervisory responsibilities.
- Reports to Staff Cybersecurity Analyst.
- Associates degree in Computer Science, Management Information Systems, or a related field. Equivalent experience may be considered in lieu of a degree.
- Minimum 4-6 years of experience as an Administrator on a medium sized network of servers, desktop systems, and communications devices using current technologies.
- Specialized certification and compliance in accordance with DoD 8570.1M. Candidate must achieve certification within 6 months of assignment (MCSE, A+, CISCO, Security +, CISSP for assignment as IAT level II). As a condition of privileged access to any information system, personnel performing IA functions must satisfy both preparatory and sustaining DoD IA training and certification requirements in accordance with DoD 8570.1M.
- Advanced familiarity with RMF and ATO processes.
- Familiarity with certifications under the RMF, and a proven ability to perform continuous management activities.
- In-depth knowledge of ICD 503, DoD 8570.1M, and the RMF.
- Creation and updates for all RMF documentation (SSP, SCTM, CMP, RAR, SAR, POA&M)
- Demonstrated knowledge of Windows servers and desktop products.
- Demonstrated ability to support networked printers and photocopiers.
- Demonstrated working knowledge of current communications devices and protocols, and server and desktop technologies.
- Demonstrated experience with auditing systems
- Facilitation and change management skills.
- Ability to interact with personnel from other engineering and technical disciplines both inside and outside of the company, including systems engineers, electrical engineers, designers, drafters, fabrication shop personnel, and hardware vendors.
- Ability to perform technical surveys and organize/resolve technical issues.
- Ability and willingness to travel as necessary. Travel may include shipboard installation work.
- Willingness to work non-standard work schedules, such as off-hour backups and system upgrades.
- Highly developed verbal and written communication skills.
- Fitness for special background investigation (SBI).
- Ability to obtain and maintain security clearance.
- Experience with commercial and/or military systems.
Equal Opportunity Employer
All qualified candidates will receive consideration for all positions without regard to race, color, age, religion, sex (including pregnancy), sexual orientation, gender identity, national origin, veteran status, disability, genetic information, or other non-merit factors.
Oceaneering pushes the frontiers of deep water, space and motion entertainment environments to execute with new, leading-edge connections to solve tomorrow’s challenges, today.
As the trusted subsea connection specialist, our experience combined with the depth and breadth of our portfolio of technologies allows us to engineer solutions for the most complex subsea challenges. From routine to extreme, our integrated products, services, and innovative solutions safely de-risk operational systems, increase reliability, and enable a lower total cost of ownership.
We are connecting what’s needed with what’s next as the world’s largest ROV operator and the leading ROV provider to the oil and gas industry with over 300 systems operating worldwide. With our safety-focused and innovative approach, we responsively and decisively react to subsea challenges while providing solutions swiftly and efficiently.