Mission Objectives ? The Army Aviation Center of Excellence (AVCOE) requires dedicated Cybersecurity Analysts to safeguard critical IT systems and data that support aviation training and operational readiness. In this role, you will provide comprehensive cybersecurity services including compliance management, vulnerability assessment, risk management, and incident response. You will ensure AVCOE IT systems maintain proper security posture through rigorous implementation of federal and DoD security requirements, STIG compliance, and continuous security monitoring. Your expertise will directly contribute to the protection of sensitive military information while enabling AVCOE to fulfill its mission of training and developing Army aviation personnel.
Position Responsibilities:
- Ensure AVCOE policy compliance for all IT systems by implementing technical solutions in accordance with DoD, NETCOM, DISA, TRADOC, AVCOE, and Signal Command requirements while adhering to FISMA, NIST standards, and FIPS guidelines.
- Conduct regular vulnerability assessments by reviewing, analyzing, and interpreting threat and vulnerability risk assessments and recommending appropriate measures to effectively manage identified risks.
- Apply Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) to AVCOE managed server environments and perform bi-weekly patch updates to maintain systems' security posture.
- Develop and maintain documentation for information assurance/information security incident handling and immediately report suspected and confirmed incidents in accordance with AVCOE G-6 Cybersecurity Division (CSD) guidance.
- Manage the Army Training & Certification Tracking System (ATCTS) by continuously evaluating user network access compliance, adding/removing/changing users, and providing weekly reports detailing non-compliant users and forecast of compliance issues.
- Support AVCOE Continuity of Operations Plan (COOP) by testing and demonstrating the G-6 portion of the Disaster Recovery Plan (DRP) annually and providing comprehensive summary reports.
- Perform specialized ISSO/ISSM functions for the Directorate of Simulation (DOS) internal systems, both unclassified and classified, including implementation and maintenance of Closed Restricted Networks (CRN) and support for Risk Management Framework (RMF) activities.
- Participate in change management processes, attend Technical Review Board meetings, and provide updates to the COR on changes impacting AVCOE systems, maintaining compliance with ITIL fundamentals.
- Collaborate with database administrators and data owners to ensure proper encryption of personally identifiable information (PII) and implementation of appropriate database security controls.
- Generate and deliver bi-weekly security compliance reports detailing STIG status and patch management activities across AVCOE environments.
