Senior Cybersecurity Analyst
Location: Washington, DC Metro Area
Clearance Requirement: TS/SCI
Β
Responsibilities:
Provides expert support to the FLTCYBERCOM Authorizing Official (AO) in the execution of Risk Management Framework (RMF), Authorization to Use/Connect (ATU/C) processes and other NAO division(s) core functions to inform and support AO authorization decisions. Supports the ATU/C process by evaluating operational risk indicators (ORIs) and cybersecurity implications to inform FLTCYBERCOM risk decisions for systems connecting to the DoDIN-N. Coordinates with customers and program offices to ensure compliance with applicable directives, policies, and instructions, including but not limited to the Federal Information Security Management Act (FISMA), OMB Circular A-130, NIST SP 800 Series, FIPS Publications, and Navy RMF governance. Assists in negotiating RMF Assessment and Authorization (A&A) and ATU/C processes, as well as task management, to achieve or maintain Authorization to Operate (ATO) approvals or ATU/C approvals. Prepares and updates A&A and ATU/C work products to meet compliance standards and sustain operational readiness for mission-critical systems. Prepares reports, correspondence, white papers, letters, and other related documentation to support AO objectives and assigned projects, maintaining alignment with FLTCYBERCOM mission priorities, including the secure, operate, and defend mission for the DoDIN-N.
Β
Required Experience: More than 6 yearsβ experience for each section below:
- Conducts comprehensive risk and vulnerability assessments, performs analyses of security controls, and develops remediation and mitigation strategies to address identified risks.
- Experience in providing business process improvements/ analysis, lean/agile methodologies and providing administrative/ technical support services and management.
- Provides oversight of Continuous Monitoring (CONMON) activities, including vulnerability analysis, risk assessments, and security posture evaluations, ensuring compliance with DoD and Navy cybersecurity directives.
- Prepares and delivers technical reports, white papers, and analyses of vulnerabilities associated with complex Navy information systems and emerging technologies, providing critical input for sound, risk-informed decisions at all levels.
- Evaluates and validates RMF and ATU/C-related work products from external agencies, Navy organizations, and mission partners, ensuring alignment with Navy and DoD cybersecurity compliance requirements.
- Demonstrates a high level of competence in process analysis (vulnerability analysis, operational risk analysis/threat analysis/assessment) and the development of RMF and ATU/C artifacts to support AO responsibilities and decisions.
- Possesses advanced technical expertise in DoD cloud architectures, DevSecOps, enterprise architectures, 5G technologies, tactical platforms, and other relevant technologies in use with modern enterprises.
- Experience and understanding of DoD cybersecurity and policies, instructions and NIST publications as they relate to the Authorizing Official.
- Demonstrates a high level of expertise in critical domains such as DoD Ports, Protocols, and Services Management (PPSM), Cross Domain Solutions (CDS), Security Technical Implementation Guides (STIGs), Security Requirements Guides (SRGs), ACAS, eMASS, and other DoD tools essential for RMF, ATU/C, and ATO processes.
- Advanced level with MS office tools and related services.