This is contingent upon award.

Job Title: Cybersecurity Analyst (contingent)

Job Summary:
Seeking an experienced Cybersecurity Analyst/Information Assurance Manager (IAM) Level III to provide cybersecurity expertise and ensure compliance with military Risk Management Framework (RMF) requirements. The ideal candidate will have extensive knowledge of cybersecurity engineering, risk management, and systems assessment within large, complex information systems.

Key Responsibilities:

• Provide expert guidance to ensure that systems comply with military RMF requirements as outlined in DoDI 8510.01 for DoD Information Technology (IT).
• Support the Authority to Operate (ATO) process and maintain ATO certifications.
• Conduct technical assessments of systems using tools like Assured Compliance Assessment Solution (ACAS), Security Content Automation Protocol (SCAP), and Security Technical Implementation Guides (STIGs).
• Identify and analyze system vulnerabilities, developing Plans of Action & Milestones (POA&Ms) for remediation.
• Recommend and implement effective remediation strategies to address identified security deficiencies.
• Assess programmatic impacts associated with the implementation of common control requirements within the Risk Management Framework (RMF).
• Provide expertise on cloud and network security, including cloud security infrastructure products and tools.
• Utilize a variety of cybersecurity tools and technologies, including but not limited to:
• Host Based Security System (HBSS)
• Data Loss Prevention-Endpoint (DLPe)
• Endpoint Security (ENS)
• ePolicy Orchestrator (ePO)
• Tychon
• Threat Intelligence and analysis
• Internet of Things (IoT) security
• AI/ML applications
• Windows Server Update Services (WSUS)
• Security Information and Event Management (SIEM) tools, such as Splunk
• Identity and Access Management (IAM) solutions
• Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) tools
• SCAP, STIG Viewer, and Evaluate STIG tools.

Qualifications:

• Proficient understanding of the Risk Management Framework (RMF) and its application to complex information systems.
• Strong analytical skills with the ability to identify and assess cybersecurity vulnerabilities and risks.
• Excellent written and verbal communication skills for reporting findings and recommendations clearly to stakeholders.

Education and Experience:

• Bachelor’s degree in Cybersecurity, Information Technology, or a related field; relevant certifications are a plus.
• Minimum of 5 years' experience in cybersecurity engineering.
• Required certifications: DoD 8570.01-Manual (M) Baseline Certification for an Information Assurance Manager (IAM) Level III.
• Secret security clearance is required.