Information Security Analyst

Barbaricum is a rapidly growing government contractor providing leading-edge support to federal customers, with a particular focus on Defense and National Security mission sets. We leverage more than 15 years of support to stakeholders across the federal government, with established and growing capabilities across Intelligence, Analytics, Engineering, Mission Support, and Communications disciplines. Founded in 2008, our mission is to transform the way our customers approach constantly changing and complex problem sets by bringing to bear the latest in technology and the highest caliber of talent.

Headquartered in Washington, DC's historic Dupont Circle neighborhood, Barbaricum also has a corporate presence in Tampa, FL, Bedford, IN, and Dayton, OH, with team members across the United States and around the world. As a leader in our space, we partner with firms in the private sector, academic institutions, and industry associations with a goal of continually building our expertise and capabilities for the benefit of our employees and the customers we support. Through all of this, we have built a vibrant corporate culture diverse in expertise and perspectives with a focus on collaboration and innovation. Our teams are at the frontier of the Nation's most complex and rewarding challenges. Join us.

Barbaricum is seeking a Information Security Analyst to support a Marine Corps customer in its development with subject matter and technical expertise to assist in supporting all functions of the program in its development, execution, and supervision of plans, polices, programs, and practices that deliver, control, protect, and enhance the value of data, information, and analytic assets throughout their lifecycles.

This requirement includes supporting the development and sustainment of an environment used for data management, facilitate requirements development, and data systems integration to improve maintenance, sustainment, and processes across the logistics chain.

• Deliver Post Deployment Software Support (PDSS) with the subject expertise, knowledge, skills, and abilities to execute all software development life cycle (SDLC) activities to sustain and/or enhance the program managed IT solutions, including maintain and enhance Master Data Repository (MDR), Asset Enterprise Management Information Tool (AEMIT), Life Cycle Modeling Integrator – Portal (LCMI-P), Master Scheduling Support Tool (MSST) and Secondary Repairable Total Allowance Recomputation Tool (START).
• Utilize Remedy to manage all application requirements and requests for changes (RFCs). MARCORLOGCOM will provide Remedy access after contractors complete MarineNet training courses required for obtaining access.
• Document a level of effort (LOE) to complete the Remedy work order prior to beginning work.
• Test changes in the developer’s local environment before pushing to Government provided development environment (referred to as “user acceptance testing” (UAT) environment).
• Test changes in UAT environment before notifying the Government Lead.
• Promote code changes live at a time/day approved by the Government Lead.
• Evaluate the production environment, to ensure all changes were successfully deployed and submit the results to the Government Lead.
• Provide expert technical consulting and analyst support necessary to document, design, and implement required changes.
• Provide skilled technical onsite daily support for Manpower applications and troubleshooting expertise in Oracle Database, Oracle Application Server, Web Logic, Web Center, Java, Angular, and SQL technologies.
• Deliver configuration management, version control and bug tracking of all source code, servers, web applications, architectures, and their associated configurations within each System and application.
• Ensure that systems are maintained in accordance with appropriate Department of Defense (DoD) directives, policies, and guidelines.
• Provide support services to accomplish the necessary IA activities to maintain an Authority to Operate (ATO) for MDR (RMF-197), LCMI-P (RMF-199), AEMIT (RMF201), and MSST (RMF-202)
• Provide continuous IA compliance and project status tracking.
• Develop and maintain the Defense Information Assurance Risk Management Framework (DIARMF) in accordance with National Institute of Standards and Technology requirements.
• Conduct Information Systems Continuous Monitoring (ISCM) planning and implementation.
• Maintain internal IA Policy and Standard Operating Procedures (SOP) and revaluate annually.
• Conduct IS environment cyber security assessments as required by DoD policy and regulations.
• Provide and maintain Risk Analysis and Management.
• Provide Security Architecture, Design, and Engineering upon implementing new systems or applications and modification to existing systems or applications to maintain current accreditation status.
• Obtain and maintain Certification and Accreditation (C&A), Assessment and Authorization (A&A), and Validation for all required ATO’s.
• Conduct Information Assurance Vulnerability Management (IAVM).
• Assist in Security Incident Response (IR) Planning and Execution.
• Monitor and control performance and Information Security/Information Assurance compliance as determined by the program's Information Security System Manager.
• Provide support with Marine Corps Certified Application (MCCA), Operational Directives, Marine Corps Directives (MCD), Marine Forces Cyberspace Command (MFCC) direction, Cyber Protection Team (CPT) support, Assured Compliance Assessment Solution (ACAS) support and McAfee HBSS/epos services.
• Ensure databases are backed up daily; ensure all back-ups are current, secure, and available.
• Provide security administration, auditing, and disaster recovery support. Databases will be compliant with current cyber security guidelines as set forth in Security Technical Implementation Guidelines (STIG) and vendor and/or DoD vulnerability patches and alerts.
• Ensure databases are maintained in accordance with DoD Directives (See Appendix A and B) and other superseding guidance as directed by the COR.
• Provide support for all six stages of SDLC: requirement determination/validation, analysis, solution design, solution development, system test and implementation/sustainment. Documentation and system evaluation are also required. 
• Provide support to sustain and enhance extract, transform, and load (ETL).
• Create, modify, and sustain of all interfaces. 
• Ensure MDR Production and ODBC databases are identical, unless otherwise approved by the Government.
• Perform MDR database loads daily.
• Troubleshoot and resolve daily load errors.
• Submit Oracle SRs as required to solve errors.
• Provide expert technical advice in leveraging cloud native database technologies to ensure effective and efficient cloud operation.

• Active DoD Secret Clearance required.
• Bachelor’s degree in computer science, or other relevant degree.
• 10+ years USMC Risk Management Framework experience
• Certified Information Systems Security Professional (CISSP) or equivalent DoD 8570 certification.
• Information Systems Security Certification Consortium (ISC)2.
• DISA Host Based Security System Admin.
• DISA Host Based Security System Advanced.
• DISA Assured Compliance Assessment Solution.

Additional Information

For more information about Barbaricum, please visit our website at www.barbaricum.com.  We will contact candidates directly to schedule interviews.  No phone calls please.