Mid-Level Cybersecurity Analyst/Engineer

Mid-Level Cybersecurity Analyst/Engineer

Provide cybersecurity expertise to surface combat system program offices.

Lead efforts to bring platform information technology systems through the full life cycle of the Risk Management Framework (RMF) process to achieve/renew Authority to Operate (ATO).

Perform cybersecurity Assessment & Authorization work under the RMF guidelines including categorization, security planning, POA&M updates, review test results and assess for security control compliance, perform risk assessments, complete ATO package preparation for receipt of timely ATO.

Coordinate with support team to ensure the hardening of systems under test to conform to all applicable regulations from DoD and the Defense Information Systems Agency (DISA). This includes but is not limited to Security Technical Implementation Guides (STIG), Security Requirements Guides (SRG).

Work with the NAVSEA, PEO IWS, combat system program offices to ensure DOD/DON cybersecurity regulations and best practices are followed in the design, development, and sustainment of the integrated combat systems and weapon systems.

Work as a team player comfortable interacting with many different people and effective at verbal and written communication, supporting face-to-face meetings, phone, and email interactions with program leads, engineers, and team members.

Advise DoD customers on secure design and implementation of systems and capabilities.

Identify security vulnerabilities and weaknesses in SW, HW and Architecture design for mission environments and be able to make recommended mitigations.

Provide mentorship and training to other team members.

Build briefs to convey critical information to decision makers.

Qualifications

Experience: 8 years direct cybersecurity work; experience evaluating the cyber compliance of a system against current RMF and DoD Cybersecurity policies.

Education: Bachelor’s Degree (BS/BA Cybersecurity Management or equivalent technical degree).

Knowledge of NIST SP 800-53, DoDI 8500.01, and DoDI 8510.01.

Desired Qualifications

DoD 8570 Information Assurance Management (IAM) III or IAT III Certification.

Experience working in an acquisition program office environment with documentation, protocols, formats, and deadlines.

Familiarity with Navy combat systems such as SSDS and AEGIS.

A working knowledge of DON, NAVSEA, and PEO IWS cyber regulations.

We are an Equal Opportunity Employer. As an Equal Opportunity Employer, we do not discriminate on the basis of race, color, religion, national origin, sex, age, marital status, disability or veteran status.