Policy & Compliance Analyst Resume Sample
Work Experience
- Experience with general IT
- Experience with FISMA, RMF, and NIST SP 800-53 and 53A
- Experience with FISMA, RMF, and NIST SP 800–53 or 53A or equivalent policies
- Experience with FISMA activities, including system security plans, contingency plans, incident response plans, configuration management plans, security control requirements and assessments, Plan of Action and Milestones (POA&M), and training requirements
- Experience with applying NIST SP 800-37 Risk Management principles, interpreting requirements, and developing implementation guidance
- Experience with implementing requirements and guidance and analyzing policies, procedures, guidance, standards, and instructional materials
- Experience in working with interagency teams to design, develop, and implement FISMA compliant solutions that meet current and future business requirements and enhance and optimize the existing security architecture
- Knowledge of Federal Privacy requirements, including Privacy Impact Assessments (PIAs) and personally identifiable information (PII)
- Knowledge of Cloud security processes
- Knowledge of all principal Joint and Army Cyberspace operations (CO)–related policy, doctrine, statutes, regulations, directives, C2 guidance, and strategic–level operational plans, orders, and concepts
- Knowledge of the Army Cyberspace operations enterprise, including ARCYBER, JFHQ–C, CMF, NETCOM, INSCOM, HQDA and the DoD CO enterprise, such as USSTRATCOM, USCYBERCOM, JFHQ–Cs, National Agencies, GCCs, FCCs, JFHQ–DODIN, or Service Cyber Components
- Knowledge of Global Force Management processes, includinf the Global Force Management Implementation Guidance (GFMIG)
- Experience in the Cybersecurity area or Information Assurance (IA) supporting DoD or federal programs, including DIACAP and RMF, such as accreditation package development and security control testing or validation
- Experience with business process reengineering, organizational change management, strategic communications, Lean Six Sigma, strategic planning, organizational design, integrated master scheduling, performance management, or overhead optimization
- Experience with DoD Secure Technical Implementation Guidance (STIGs), checklists, and Security Requirements Guides (SRGs)
- Experience with developing C&A policy, guidance, or procedures
- Experience with IA principles, National Institute of Standards and Technology (NIST) Special Publications, federal regulations, security standards, and DoD and Department of Navy (DoN) policies
- Experience with system security engineering
- Experience with RMF, including policy changes and analyzing whitepapers
- Experience with FISMA, RMF, and NIST SP 800–53 or 53A
Education
Professional Skills
- Strong management skill set with proven ability to manage multiple tasks simultaneously
- Strong research skills – ability to gather information about unfamiliar subjects from multiple sources with little or no assistance
- Possession of excellent organizational and analytical and skills
- Possession of excellent oral and written communication skills, including written technical expertise
- Motivated self-starter with sharp analytical skills
- Multi-faceted, eager and quick to learn new skills
- Experience with analyzing, assessing, or implementing NIST 800-53 Rev 4 security controls, CCIs, and equivalent assessment procedures
How to write Policy & Compliance Analyst Resume
Policy & Compliance Analyst role is responsible for government, software, training, database, security, wireless, architecture, reporting, research, languages.
To write great resume for policy & compliance analyst job, your resume must include:
- Your contact information
- Work experience
- Education
- Skill listing
Contact Information For Policy & Compliance Analyst Resume
The section contact information is important in your policy & compliance analyst resume. The recruiter has to be able to contact you ASAP if they like to offer you the job. This is why you need to provide your:
- First and last name
- Telephone number
Work Experience in Your Policy & Compliance Analyst Resume
The section work experience is an essential part of your policy & compliance analyst resume. It’s the one thing the recruiter really cares about and pays the most attention to.
This section, however, is not just a list of your previous policy & compliance analyst responsibilities. It's meant to present you as a wholesome candidate by showcasing your relevant accomplishments and should be tailored specifically to the particular policy & compliance analyst position you're applying to.
The work experience section should be the detailed summary of your latest 3 or 4 positions.
Representative Policy & Compliance Analyst resume experience can include:
- Proven experience supporting compliance programs within the technology space
- Experience with analyzing, assessing, or implementing assessment procedures, including NIST security controls and CCIs
- Experience with developing security and compliance reporting that is meaningful and actionable for a variety of audiences, including executive management
- Solid understanding of processes for assessing and designing internal controls for large scale organisations
- Solid understanding of processes for assessing and designing internal controls for large scale organizations
- Experience with analyzing, assessing, or implementing NIST 800-53 Rev 4 security controls, CCIs, and associated assessment procedures
Education on a Policy & Compliance Analyst Resume
Make sure to make education a priority on your policy & compliance analyst resume. If you’ve been working for a few years and have a few solid positions to show, put your education after your policy & compliance analyst experience. For example, if you have a Ph.D in Neuroscience and a Master's in the same sphere, just list your Ph.D. Besides the doctorate, Master’s degrees go next, followed by Bachelor’s and finally, Associate’s degree.
Additional details to include:
- School you graduated from
- Major/ minor
- Year of graduation
- Location of school
These are the four additional pieces of information you should mention when listing your education on your resume.
Professional Skills in Policy & Compliance Analyst Resume
When listing skills on your policy & compliance analyst resume, remember always to be honest about your level of ability. Include the Skills section after experience.
Present the most important skills in your resume, there's a list of typical policy & compliance analyst skills:
- Possession o excellent oral and written communication skills
- Navy Qualified Validator (NQV) Level I, II, or III Certification or legacy Fully Qualified Navy Validator (FQNV) Certification
- Navy Qualified Validator (NQV) Level III Certified or legacy Fully Qualified Navy Validator (FQNV)
- Navy Qualified Validator (NQV) Level I, II, or III or legacy Fully Qualified Navy Validator (FQNV) Certification
- Experience with analyzing, assessing, or implementing NIST 800-53 Rev 4 security controls, CCIs, and associated assessment procedures
- Experience with analyzing, assessing, or implementing NIST 800-53 Rev 4 security controls, CCIs, and associated assessment procedures
List of Typical Experience For a Policy & Compliance Analyst Resume
Experience For Cybersecurity Policy & Compliance Analyst Resume
- Experience with developing IT policy, guidance, or procedure documentation supporting Cybersecurity accreditation
- Experience with IT administration, IT Cybersecurity, or IT help desk, including Tier I or Tier II
- Experience with system vulnerability analysis
- Knowledge of the Defense Readiness Reporting System, including how to build MET lists, review and approve METs, and assign user privileges
- Identify, research and evaluate new compliance requirements and ensure they are incorporated into Facebook’s security policy framework
- Data Security Standards (PCI DSS), regulations governing personally identifiable information (PII), SOC2 and SOC3 trust principles, and other applicable regulatory compliance frameworks
- Experience with information assurance, security practices, critical infrastructure risk analysis
- Experience with DIACAP in the DON and client communities
- Knowledge of NAVNINTEL and GENSER RMF processes
Experience For Lead Policy Compliance Analyst Resume
- Experience with information assurance, Cybersecurity, Cyber policy and compliance, Cybersecurity testing and analysis, development and submission of C&A packages under DIACAP, and authorization packages under RMF
- Knowledge of DIACAP and RMF accreditation processes, Enterprise Mission Assurance Support Service (eMASS), DoD STIG and SRG, and DoD and Navy Cybersecurity policies and requirements
- Experience with IT policies and regulations
- Experience as an operational-level planner at an AOC or Functional OC
- Work independently to certify and accredit DoD information systems and networks
- Security+ Certification or ability to obtain an IA Workforce 8570 Certification within 6 months of hire
- 8570 IAT II Certification within 30 days of hire
- Obtain 8570 IAT II Certification within 30 days of hire
- Knowledge of RMF processes
Experience For Security Policy & Compliance Analyst Resume
- Experience in Microsoft Office tools, including Word, PowerPoint, and Excel in the development of strategy division products, such as AOD or equivalent, COA briefs, or operations assessment products
- Knowledge of Joint planning processes, component-level planning processes, development of the Air or Cyber Operations Directive, including AOD and CyOD, coordination of kinetic and non-kinetic effects, operational assessment processes, and how these are used to support real-world operations
- Consistently prepare clear, concise, and visually enticing communication documents for senior leaders
- Knowledge of federal information security policies, standards, procedures, directives, and frameworks, including FISMA, NIST 800-53, Revision 4, and the Risk Management Framework
- Knowledge of performing Operational Security Assessments (OSAs)
- Knowledge of the implementation of DCID 6/3 and ICD 503
- Perform information assurance (IA) analysis of SCI systems
- DoDI 8570.01 Certification required
- Knowledge of JSIG and RMF
Experience For IT Policy & Compliance Analyst Resume
- Work autonomously to accomplish ISSO- or ISSM-related tasks
- Experience with applying information assurance (IA) frameworks, including NIST RMF, NIST SP 800-53, NIST SP 800-37, DIACAP, and ICD 503) to IT system development or assessments
- Experience with analyzing IA policies and procedures, including access control, incident response, contingency planning, and configuration or change management
- Experience with administering, operating, or interpreting and analyzing the results of vulnerability or configuration scans using tools that include Tenable Nessus, Retina, Nexpose, and WebInspect
- Experience with SAP as an ISSO, ISSM, or in a related capacity
- Experience with performing Cybersecurity accreditation, including DIACAP C&A and RMF A&A activities, such as accreditation package development and security control testing or validation
- Experience with Cybersecurity principles, National Institute of Standards and Technology (NIST) Special Publications, federal regulations, and security standards
- DoD Cybersecurity Workforce, including Security+ Certification or ability to obtain within 6 months of hire
- DoD Cybersecurity Workforce Certification, including Security+ or ability to obtain within 6 months of hire
Experience For Cyber Security Policy & Compliance Analyst Resume
- Experience with applying information assurance (IA) frameworks, including NIST RMF, NIST SP 800-53, NIST SP 800-37, DIACAP, and ICD 503 to IT system development or assessments
- Experience with administering, operating, or interpreting and analyzing the results of vulnerability or configuration scans using tools, including Tenable Nessus, Retina, Nexpose, and WebInspect
- Experience with writing or drafting government accountability office, congressional, office of management and budget, or other formal senior-level correspondence
- Experience with IT administration, IT Cybersecurity, or IT help desk, including Tier I or Tier II
- Experience with applying information assurance (IA) frameworks, including NIST RMF, NIST SP, DIACAP, and ICD to IT system development or assessments
- Experience with analyzing IA policies and procedures, including access control, incident response, contingency planning, and configuration or change management
- Experience with managing Cybersecurity projects or programs
- Experience with administering, operating, or interpreting and analyzing the results of vulnerability or configuration scans via Tenable Nessus, Retina, Nexpose, or WebInspect
Experience For Policy & Compliance Analyst Resume
- Experience with executing A&A of DoD systems
- Experience with performing complex administrative and analytical tasks
- Experience with executing A&A for DoD systems
- Experience as a system administrator for Windows, Linux, HP-UX, Macintosh, or other UNIX-based operating systems
- Experience with DoD organizations and exercise or readiness assessments
- DoD 8570 or 8410 IAT II Certification, including CCNS Security, CSA+, GICSP, GSEC, Security+ CE, or SSCP
Experience For Cybersecurity Policy & Compliance Analyst Resume
- Knowledge of Windows Server 2008 R2, Windows Server 2012, Windows 7, Windows 10, Red Hat Linux (RHEL) 5,6, and 7, Macintosh OSX, and HP-UX operating systems
- Knowledge of MET language
- Knowledge of METs, readiness assessments, campaign plans, contingency plans, and missions
- Adapt to a high intensity environment
- Evaluate Information Technology’s and Shared Services’ adherence to corporate policy. Works with owners to remediate (where applicable) and perform continuous monitoring
- Broad technical understanding of current programming languages and tools/techniques (Java, C++/C#, J2EE, .NET, SOAP, ODBC/JDBC, etc.) and security issues associated with them
- Aptitude to understand issues and draw recommendations
- Takes ownership and sees things to their logical conclusion
Experience For Lead Policy Compliance Analyst Resume
- Experience with the NIST Risk Management Framework and SP 800 issuances, continuous monitoring, and information system security policies, standards, and procedures
- Experience with developing security policies, processes, and procedures in the federal government
- Experience with system and network vulnerability analysis, risk assessment and risk mitigation analysis, security test and evaluation (ST&E), contingency planning, and firewall policy, ports, and protocols
- Experience with IA concepts and requirements
- Experience with performing Security Control Assessments
- Experience with Risk Management Framework, Information Assurance, NIST 800 Series Special Publications, or OMB A–130
Experience For Security Policy & Compliance Analyst Resume
- Experience with common control programs
- Develop security assessment and risk assessment reports
- Security+, CAP, CISSP, or CISA Certification
- Analyze a security plan and perform system security analysis
- Experience with system and network vulnerability analysis, risk assessment and risk mitigation analysis, security test and evaluation (ST&E), contingency planning, and firewall policy, ports, and protocols
Experience For IT Policy & Compliance Analyst Resume
- Knowledge of the Risk Management Framework (RMF) process, National Institute of Standards and Technology (NIST) Special Publications (SP) 800–37, NIST SP 800–53, and Committee on National Security Systems Instruction (CNSSI) 1253
- DoD M 8570 - IAT II Certification, including GSEC, Security+ CE, or SSCP or IAM II Certification, including CAP, CASP, CISM, CISSP or Associate, or GSLC
- Experience with implementing requirements of National Institute of Standards and Technology (NIST) Special Publications (SP) 800–37, NIST SP 800–3, and Committee on National Security Systems Instruction (CNSSI) 1253
- Experience with the DoD Assessment and Authorization approval process
- Obtain a DoD M 8570 - IAT II Certification, including GSEC, Security+ CE, or SSCP or IAM II Certification, including CAP, CASP, CISM, CISSP or Associate, or GSLC
- CCRI Certification, including applicable walk–through training courses, onsite shadowing, and check-ride of CCRI certification for network vulnerability assessments and security scanning
List of Typical Skills For a Policy & Compliance Analyst Resume
Skills For Cybersecurity Policy & Compliance Analyst Resume
- Navy Qualified Validator (NQV) Level I, II, or III Certified or legacy Fully Qualified Navy Validator (FQNV) or Marine Corps Qualified Validator (MCQV)
- Navy Qualified Validator (NQV) Level I, II, or III, Legacy Fully Qualified Navy Validator (FQNV), or Marine Corps Qualified Validator (MCQV) Certification
- Experience with performing C&A or A&A activities, including accreditation package development and security control testing or validation
- Proven experience supporting compliance programs within the technology space
- Experience with preparing DIACAP or RMF packages and supporting documentation and DoD Authorization and Accreditation (A&A) process and standards
- Experience with responding to external audits and analyzing remediation plans
- Experience with populating a security control compliance repository or tools, including eMASS, Xacta, or RSA Archer
- Experience with populating security control compliance repository or tools, including eMASS, Xacta, and RSA Archer
Skills For Lead Policy Compliance Analyst Resume
- Experience with performing system decomposition analysis resulting in test batteries required for security control assessments
- Experience with populating security control compliance repositories or tools, including eMASS, Xacta, and RSA Archer
- Experience with DIACAP and NIST RMF policies, including continuous monitoring, information system security policies, standards, and procedures
- Experience with preparing DIACAP or RMF packages and supporting documentation and DoD A&A processes and standards
- Experience with writing or drafting executive, congressional, or equivalent formal senior-level correspondence
- Experience with strategy planning tools and templates or models use in providing commander’s guidance
Skills For Security Policy & Compliance Analyst Resume
- Experience with advising on how to remediate risks
- Experience in working with senior executives and senior government officials
- Experience with using the Enterprise Management Assurance Support Service (eMASS)
- Experience with performing system decomposition analysis that resulted in a test battery required for security control assessments
- Experience with analyzing the development of security assessment plans, security assessment reports, and risk assessment reports
- Experience in working with a Department of the Navy (DON) organization
- Experience with performing compliance reviews of weapons systems, industrial control systems (ICS), SCADA systems, Cloud-hosted systems, or RDT&E systems
- Experience with preparing full Risk Management Framework (RMF) Security Authorization Packages or legacy DIACAP packages
- Experience with developing Security Assessment Plans, Security Assessment Reports, and Risk Assessment Reports
Skills For IT Policy & Compliance Analyst Resume
- Experience with preparing full RMF security authorization packages or legacy DIACAP packages
- In-depth experience of data security frameworks and regulatory standards, including PCI, GAPP, SSAE16-SOC2, ISO27001/2, and SOX
- Experience with supporting OSD
- Experience with analyzing the development of Cybersecurity or Information Assurance policies, strategies, or equivalent issuances
Skills For Cyber Security Policy & Compliance Analyst Resume
- Experience with supporting senior-level organizations
- Experience with writing system security plans and other security-related documentation
- Experience with IT administration, IT Cybersecurity, or IT help desk, including Tier I or Tier II
Skills For Policy & Compliance Analyst Resume
- Experience with SCA for intelligence programs
- Experience with assessing new security laws, policies, or standards to determine program–level impact
- Experience with reporting security and project management activities
- Experience with the Authorization and Accreditation (A&A) process and standards
- Experience with acquisitions
- Experience with Cyber operations
- Experience with OSD, Service Staff, or Joint Staff as a contractor or military personnel
- Experience with SharePoint, Adobe Pro or Redax, CADRE or HighView, and HP TRIM records management software
Skills For Cybersecurity Policy & Compliance Analyst Resume
- Experience with information review and release case administration or analysis
- Experience with Cybersecurity or Information Assurance
- Experience with DON RMF process guide and templates
- Experience with project management planning
- Experience with IT Assessment and Authorization for the Navy or USMC
- Knowledge of NIST Cybersecurity controls and validation procedures
Skills For Lead Policy Compliance Analyst Resume
- Experience with information technology or Cybersecurity
- Experience with IT or Cybersecurity
- Experience with working with COSO, HIPAA, Model Audit Rule, Sarbanes-Oxley (SOX) or similar initiatives
- Strong knowledge of application controls
- Able to work independently, self drive productivity, and prioritize work efforts
- Interchangeably operate and execute in the weeds and more broadly
- Proven ability to solve intricate problems and conduct complex analyses
- Experience with writing or drafting executive, Congressional, or equivalent formal senior-level correspondence
- Experience with Cybersecurity or Information Assurance supporting DoD or federal programs
Skills For Security Policy & Compliance Analyst Resume
- Experience with DoD STIGs, checklists, and Security Requirements Guides (SRGs)
- Experience with RMF in the DON and client communities
- Experience with acquisition
- Experience with testing and developing SCI-level security accreditation packages
- Experience with SAP as an ISSO, ISSM, or in a related capacity
- Experience with information assurance and Cybersecurity practices
Skills For IT Policy & Compliance Analyst Resume
- In-depth understanding of data security frameworks and regulatory standards, including PCI, GAPP, SSAE16-SOC2, ISO27001/2, and SOX
- Knowledge of executing automated test tools, including WASSP, SecSCN, Retina Vulnerability Scanner, and ACAS
- Navigate the management interface of network technologies, including firewalls, router, and switches
- Knowledge of Navy or DoD network environments, including METOC
- Conduct security control selection, tailoring, and overlays
- Knowledge of DoD Vulnerability Management reporting and compliance
List of Typical Responsibilities For a Policy & Compliance Analyst Resume
Responsibilities For Cybersecurity Policy & Compliance Analyst Resume
- Experience with applying or following classification and declassification principles and practices
- Experience with a tactical Cyberspace organization, including the planning and execution of Cyberspace missions
- Experience in a Cyberspace organization at the operational-level of warfare providing operational, and strategic planning support
- Experience with analyzing security policies, processes, and procedures in the federal government
- Experience with preparing full RMF security authorization packages or legacy DIACAP packages
- Experience with accrediting Platform IT systems either under DIACAP or RMF
- Experience with performing security control assessments based on NIST 800-53A
- Experience with system security engineering
- Experience with software engineering
Responsibilities For Lead Policy Compliance Analyst Resume
- Experience in working with a Department of the Navy (DON) organization, Marine Corps, or military organization, culture, and policies
- Experience in international engagements, as a protocol or desk officer, or in an international liaison role
- Experience with the DON RMF process guide and templates
- Experience as an operational-level planner in an AOC, Joint operations center, or MAJCOM staff
- Experience with RMF, including system package development and processing
- Experience with populating security control compliance repository or tools, including eMASS, Xacta, or RSA Archer
- Experience with preparing full Risk Management Framework (RMF) Security Authorization Packages or legacy DIACAP packages
Responsibilities For Security Policy & Compliance Analyst Resume
- Experience with developing Security Assessment Plans, Security Assessment Reports, and Risk Assessment Reports
- Experience with preparing full Risk Management Framework (RMF) Security Authorization Packages or legacy DIACAP packages
- Experience with providing system and program level analysis and management of weapons systems
- Navy Qualified Validator (NQV) or ability to earn NQV rating within 6 months of hire
- Experience with security policy and manuals and the appropriate DCIDs, ICD 503, and other guiding policy documents
- Experience with military or supporting military operations at the tactical, operational and strategic levels
- Experience with the NIST Cybersecurity Framework
- DoD Cybersecurity Workforce (CSWF) Certification, including Security+, CISSP, CASP, SSCP, CISM, or GSLC CEH
Responsibilities For IT Policy & Compliance Analyst Resume
- Knowledge of DoN or DoD network environments, including Navy meteorology and oceanography
- Experience with DIACAP or NIST Risk Management Framework (RMF) policies, including continuous monitoring, information system security policies, standards, and procedures
- Experience with preparing DIACAP or RMF packages and supporting documentation, including DoD Authorization and Accreditation (A&A) process and standards
- Experience with performing Cybersecurity activities supporting software and system requirements, design, development, testing, or sustainment
- Experience with analyzing and writing technical documents
- Certified 8570 IAM Level 1, 2, or 3
- Lean Six Sigma, ISO, PMP, or other business process certification
Responsibilities For Cyber Security Policy & Compliance Analyst Resume
- Experience with system and network vulnerability analysis, risk assessment and risk mitigation analysis, including security test and evaluation (ST&E), contingency planning, and firewall policy, ports, and protocols
- Knowledge of Avionics systems, satellite ground systems, including satellite communications, and satellite operations
- CISM, CISSP, or CASP Certification
- Experience with DIACAP or NIST Risk Management Framework (RMF) policies, including continuous monitoring, information system security policies, standards, and procedures
- Experience with preparing DIACAP or RMF packages and supporting documentation and DoD Authorization and Accreditation (A&A) process and standards
Responsibilities For Policy & Compliance Analyst Resume
- Experience with system and network vulnerability analysis, risk assessment and risk mitigation analysis, security test and evaluation (ST&E), contingency planning, and firewall policy, ports, and protocols
- Knowledge of Avionics systems, satellite ground systems, satellite communications, and satellite operations
- DoD 8570 and DoD 8140 Certification
- Knowledge of security best practices for Windows and Linux environments
- Knowledge of federal information security policies, standards, procedures, directives and frameworks, including FISMA, NIST 800-53, Revision 4 and the Risk Management Framework (RMF)
- Security+, CISSP, or CISA Certification
- IAM Level 3 Certification
Responsibilities For Cybersecurity Policy & Compliance Analyst Resume
- IAM II or IAM III Certification
- Security+ or CISA Certification
- Possession of excellent oral and written communication skills, including communicating with and briefing senior civilian, military, and government officials and leaders efficiently
- Experience with preparing DIACAP or RMF packages and supporting documentation, including DoD Authorization and Accreditation (A&A) processes and standards
- Information Assurance Manager (IAM) Level III Certification, including CISM, GSLC, or CISSP
- Certified 8570 IAM Level 1, II, or III
Responsibilities For Lead Policy Compliance Analyst Resume
- Experience with performing Cybersecurity activities, including supporting software and system requirements, design, development, testing, or sustainment
- Experience with preparing RMF packages and supporting documentation, including DoD authorization and accreditation (A&A) processes and standards or with preparing DIACAP and supporting documentation
- Complete XACTA training within 6 months of hire
- DoD Cyber Security Work Force (CSWF) Certification, including Security+, CISSP, CASP, SSCP, CISM, or GSLC CEH
- One or more DoD Cybersecurity Workforce Certifications, including Security+, CISSP, CASP, SSCP, CISM, or GSLC CEH
- DoD 8570.01 IAM Level 1, 2, or 3 or IAT Level 2 or 3 Certification
- Knowledge of basic CERT RMM
Responsibilities For Security Policy & Compliance Analyst Resume
- CISSP, Security+, CISA or comparable certification
- Experience with system and network vulnerability analysis, risk assessment and risk mitigation analysis, ST&E, contingency planning, and firewall policy, ports, and protocols
- Knowledge of Navy or DoD network environments and DoD and Department of Navy Cybersecurity policies
- Knowledge of computer systems and equivalent information security software and hardware components, network systems, databases, and information systems security safeguards
- Splunk Certified User Certification
Responsibilities For IT Policy & Compliance Analyst Resume
- Experience with Cybersecurity best practices related to software and applications development, including Application Security Development STIG, software assurance, and secure coding standards
- DoD 8570 IAT III or IAM III
- Experience with information assurance, Cybersecurity, Cyber policy and compliance, Cybersecurity testing and analysis, development and submission of C&A packages under DIACAP, and authorization packages under RMF
- Experience with conducting vulnerability assessments using both automated and manual tools and guidance, including Security Technical Implementation Guidance (STIG), and Security Requirements Guidance (SRG)
- Experience with performing vulnerability scans using the Assured Compliance Assessment Solution (ACAS)