Mission Assurance Analysts are in charge of rapidly provisioning classified, closed, or air gapped environments in which to deploy Anduril products or software. Well versed in a combination of Information Technology, Security and government accreditation processes, Mission Assurance Analysts are forward thinkers able to utilize their sharp critical thinking skills to resolve conflicts with customer approval processes, product velocity, monitoring the security baseline of an information system, and are at the forefront of getting our software and hardware greenlit for real-world deployment.

Anduril's closed programs house a variety of networking infrastructures, operating systems, and software environments. Mission Assurance Analysts monitor closed program infrastructures to maintain the standards outlined within the Risk Management Framework and other related frameworks. Deploying complex tech solutions in a highly regulated field requires individuals with a deep understanding of cybersecurity and the ability to prove compliance with technical security controls. As such, thorough proficiency in cybersecurity and technical writing is required. As part of a small but growing team you will be expected to wholly own problem sets, take non-standard approaches to solve hard problems and be comfortable with uncertainty, and monitor classified systems for compliance / insider threat. Everyday you will see the impact of your efforts while being given the flexibility to explore and contribute to projects that interest you.


WHAT YOU’LL DO

• Serve as IT / RMF Auditor for classified network systems / business line product deployments.
• Monitor system compliance to ensure that authorized patches have been implemented within prescribed timeframes.
• Make recommendations, justify, and implement improvements using an accepted change control methodology.
• Take technology standards from the commercial space and apply them in classified, air-gapped environments.
• Work in close coordination with the ISSM and ISO in monitoring the information systems(s) for unauthorized security relevant changes / user behavior that may prove detrimental to the operational network environment.
• Report to the ISSM / ISO all irregularities found within system environments.
• Develop / maintain RMF documentation for standing up, maintaining, or bringing through end of life cycle classified network environments.
• Define, document, and follow standards and best practices for incident response, chain of custody, and sanitization procedures.
• Drive scripting and automation to enhance the security posture of network environments.

REQUIRED QUALIFICATIONS

• Familiar and comfortable with monitoring of Linux and Windows-based systems and fundamentals of networking.
• Basic familiarity with JSIG, NISPOM (32 CFR Part 117) DAAPM, applicable NIST publications, and RMF.
• Demonstrate knowledge of exploits, attacks, and tools used by skilled hackers.
• 2-4 years of experience in Cybersecurity (ISSO, System Administrator) or related discipline (vulnerability management, SOC, threat hunting, Cyber intel, GRC or other governance role).
• DoD Top Secret clearance with SCI eligibility.
• GSEC, Security+, Bachelor’s in Information Technology discipline (For DoD 8140 compliance)

PREFERRED QUALIFICATIONS

• Prefer experience or knowledge of modern software development techniques and processes and their security (CI pipelines, microservices architectures, cloud and container based deployments).
• Scripting knowledge (Python, Bash, Powershell, etc.)
• Networking / Virtualization certifications (CCNA, Network+, VCTA-NV)

EVEN BETTER

• CASP+ or CCNP Security or CCSP