Senior Cybersecurity Analyst
Employment Term: Regular
Employment Type: Full-Time
Experience: 5-7 years
Education: Bachelor Degree
Degree Field: Computer Science, Electrical Engineering, Information Security, Information Technology, Technical
A combination of training, certifications, and relevant work experience may be considered to meet the education requirement.
Applicant is subject to government security investigation and must meet eligibility requirements for clearance level required for the job.
An Active DoD Secret clearance is required for this position.
Travel: CONUS & OCONUS 25%
Candidate must possess a current passport with 8 months remaining until the expiration date.
Telecommuting is approved for this position.
Job Description and Requirements:
Risk Mitigation Consulting, Inc. (RMC), a DoD mission assurance and risk mitigation Government contractor, is seeking a Senior Cybersecurity Analyst in the VA area.
- Health, vision, and dental insurance for the employee is paid in full by RMC and dependent health care is subsidized by RMC.
- This position participates in the Annual Bonus Program.
The Senior Cybersecurity Specialist will support Risk Mitigation Consulting, Inc. by providing cybersecurity support for Platform Information Technology (PIT) and Operational Technology (OT) system owners and clients to support the development of operational policy, cybersecurity design and construction, and Risk Management Framework (RMF) Assessment and Authorization (A&A) services. The Sr. Cybersecurity Specialist is proficient in conducting risk-based assessment processes to provide courses of action to maintain the availability of control systems and improve their cybersecurity operating posture. Attention to detail, critical thinking, continuous training and staying continuously informed on cyber threats and vulnerabilities, and mitigations across operational technology and control systems is a critical aspect of the position.
- Utilize applicable National Institute of Standards and Technology (NIST), Unified Facilities Criteria (UFC) and Unified Facilities Guidance Specifications (UFGS) to identify, document and implement applicable security controls in support of PIT/OT, Building Automation, Utility and Facility Related Control System (FRCS) design and construction projects. .
- Utilize applicable NIST, Committee on National Security Systems Instruction (CNSSI) and military service specific RMF guidance to lead the development of RMF A&A documentation throughout the Department of Defense (DoD) RMF process in order to achieve PIT/OT, Building Automation, Utility and FRCS Authority to Operate (ATO).
- Support Third Party Validators in assessing and validating cybersecurity controls on IT and OT networks and systems, to include preparation of Risk Assessment Reports, Vulnerability Mitigation/Correction Plans of Action & Milestones (POA&M) and Final System Validation Packages.
- Provide support to Navy and U.S. Marine Corps Mission Assurance Assessment Teams from a Utility and FRCS perspective, as needed.
- Assist RMC with identifying potential new business opportunities from both government and commercial vendors.
- Possess extensive knowledge of IT, OT and Industrial Control System (ICS) cybersecurity concepts (e.g., defense in depth, access control, boundary protection, continuous monitoring, anomaly detection, etc.).
- Leverage automated assessment tools and applications to facilitate control system audits and vulnerability assessments.
- Proficient in the Risk Management Framework (RMF) process, having experience in performing one or more roles in the process.
- Understand the DoD’s Facility Related Control System (FRCS) cybersecurity assessment process, preferably having supported one or more military services or organizations.
- Develop and deploy secure system baselines and configurations.
- Must have excellent writing skills, strong communication abilities, good time management, computer, internet, and organizational skills
- Work confidently in a fast-paced environment with the ability to independently support multiple projects
- Possess an in-depth knowledge of concepts, best practices and DoD programs spanning network, information and control system security; such as governance and risk management, access control, cryptography, physical security, security architecture and design, business continuity/disaster recovery planning, network security, application and operations security, compliance and incident management.
- Technical and IT audit background with practical knowledge of a wide variety of technologies, including control systems, infrastructure and operating systems, network and web infrastructures, database architecture and intrusion detection/prevention systems
- Ability to work in a team environment and take initiative to help ensure team tasks are successfully completed within required timelines
- Possess strong problem-solving and analytical skills.
Required Certifications: Security +
Compliance with a drug-free work environment, U. S. Citizen, possess valid State driver’s license.
RMC is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, age, disability, veteran status, or any other protected factor.
« Return to Job Listing