Cybersecurity Analyst

Key Role:
Provide technical support and apply expertise in assessing information system compliance with DoD and Navy Risk Management Framework (RMF) standards and help the firm and our clients in developing Assessment and Authorization packages for critical Navy systems. Review, verify, and validate required DoD RMF documentation and artifacts in accordance with DoD Instruction 8510.01 RMF for DoD IT and the Navy RMF Process Guide (RPG). Analyze and process the documents and artifacts required to obtain and maintain the Authority to Operate (ATO) for information systems. Perform reviews of content and artifacts that are developed in the Assess and Authorize (A&A) process. Support the client in conducting RMF Checkpoints and other collaboration activities, including High-Risk Escalation (HRE), Conditional Authorization Requests (CARs), Authorization Condition Follow-ups (ACFs), Boundary Change Requests (BCRs), and RMF Bridge Conversion (RBC) activities. Gather facts through research, interviews, and surveys. Apply effective communication expertise in consulting and business process improvement to help steer teams to successful outcomes.

Basic Qualifications:

-3+ years of experience with performing enterprise IT system administration or Cybersecurity engineering in administering Windows Operating Systems and UNIX and Linux environments

-2+ years of experience with operating and maintaining a Windows Domain environment, including Active Directory, DNS, or DHCP and Windows Operating System Hardening

-1+ years of experience with ACAS and Security Controls testing and accreditation package validation

-Experience with interpreting, implementing, and testing DoD STIGs for Windows-based technologies

-Experience in deploying DoD Windows Secure Host Baseline (SHB) and working with a Host-Based Security Solution (HBSS) to protect the network  

-Experience with configuring, implementing, and troubleshooting security settings via Group Policy Objects (GPOs)

-Ability to articulate Cybersecurity concerns on both technical and administrative levels

-Secret clearance

-HS diploma or GED

-DoD 8570.01 IAT Level II Certification, including Security+ CE

Additional Qualifications:

-Experience with VMware and Citrix a plus

-Experience with supporting DoD clients

-Experience with Microsoft SQL database hardening

-Experience with DoD policies, procedures, and protocols

-Experience with GPO for test analysis and development of mitigation strategies preferred

-Experience with analyzing and maintaining DoD Information Assurance Certification and Accreditation Process (DIACAP) and RMF packages

-Knowledge of RMF

-Ability to implement Standard Operating Procedures (SOPs)

-BA or BS degree

-MSCA, MCP, or VMware Certification a plus

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

Not ready to apply? Join our talent community and sign up for job alerts.