Job Overview:

We are seeking a skilled Cybersecurity Analyst to join our team. The ideal candidate will play a crucial role in safeguarding our IT infrastructure and ensuring the security of our systems and data.

Responsibilities

· Assess the system effectiveness and compliance against National Institute of Standards and Technology (NIST) and DoD security requirements to include the NIST 800-53A controls and Defense Information Systems (DISA) Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs).

· Perform DISA STIG implementation assessments on IT platforms and applications.

· Research vulnerabilities, originating from various sources, for impacts and perform risk assessments of vulnerabilities and develop effective written mitigations to reduce felt risk.

· Produce evidence to support compliance status of NIST and DoD security requirements in an Amazon Web Services (AWS) environment.

· Develop, update, and review RMF documentation to include System Security Plans, Implementation Plans, Plans of Action and Milestones (POA&Ms), and Risk Assessment Reports and interact with these documents in the Government eMASS system.

· Complete Navy RMF processes as identified in the RMF Process Guide (RPG) and Security Control Assessor (SCA) Risk Assessment Guide (RAG).

· Perform continuous monitoring activities.

· Comply with Federal Information Security Management Act (FISMA) and Federal Information System Controls Audit Manual (FISCAM) Instructions.

· Required to use the automated RMF A&A tools, such as Enterprise Mission Assurance Support Service (eMASS), to complete and document DoD compliant RMF A&A activities.

· Oversee efforts to enhance security and reliability to ensure data shared with partner systems is properly protected.

· Provide weekly status reports and perform other related duties as assigned.

Qualifications

· Must have an Active SECRET DoD Security Clearance.

· Must have a Bachelor’s Degree.

· Must have minimum of three (3) to five (5) years’ experience in Information Security / Information Assurance / Cybersecurity analysis supporting systems, networks, applications, and cross-domain solutions.

· Must have in-depth knowledge of and will have successfully implemented NIST, DoD, and Navy Cybersecurity policies, guidance, and standards (e.g., DoDI 8510.01, FIPS-199, FIPS-200, NIST SP 800-37, NIST SP 800-53, NIST SP 800-53A, etc.).

· Must have experience with RMF/A&A and Cybersecurity policy development; explicitly Steps 4 (implement), 5 (assess), and 7 (monitor).

· Must perform independently and/or as part of a team to move the mission forward.

· Must communicate effectively in writing and verbally.

· Must be a self-starter and take ownership, responsibility, and initiative for the successful and timely completion of all tasks and areas assigned.

· Must meet SECNAV M-5239.2 Cybersecurity Workforce Credential requirements of IAT or IAM Level III, one of the following certifications: Security ce, Certified Information Security Manager (CISM); Certified Information Systems Security Professional (CISSP); CompTIA Advanced Security Practitioner (CASP ); or GIAC Security Leadership Certification (GSLC).

· Must balance multiple projects to meet tight deadlines and customer satisfaction.

· Preferred experience communicating, briefing, and working with senior level government and / or industry leadership.

· Preferred experience with large System Analysis Program (SAP) Enterprise Resource Planning (ERP) system cybersecurity.

· No travel anticipated.

Job Type: Full-time

Benefits:

• 401(k)
• 401(k) matching
• Dental insurance
• Health insurance
• Life insurance

Experience level:

• 3 years

Schedule:

• Monday to Friday
• Weekends as needed

Education:

• Bachelor's (Required)

Experience:

• Cybersecurity: 3 years (Required)

Security clearance:

• Secret (Required)

Ability to Commute:

• Washington Navy Yard, DC 20374 (Required)

Work Location: Hybrid remote in Washington Navy Yard, DC 20374