Cybersecurity Analyst

About The Position

Requirements

• An active secret clearance is required to be considered for this position.
• Bachelor's degree from an accredited university in Cybersecurity, Computer, Electrical, or Electronics Engineering, or Mathematics with a concentration in computer science or equivalent is required.
• At least one (1) year of experience providing information technology, networking, or cybersecurity support to a Navy program office.
• Must be IAT, IAM, or IASAE Level I qualified per the DoD 8570.1M (CompTIA Security + or higher level equivalent).
• Must possess basic computer literacy and data entry skills.
• Demonstrated proficiency in Microsoft Office applications (to include MS Word, Excel, PowerPoint, etc.).
• Strong attention to detail and organizational skills.
• Excellent verbal and written communication skills.
• Demonstrated problem-solving skills.
• Must possess strong time management skills.
• Must be able to work in a fast-paced, changing, and challenging environment.
• Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.

Responsibilities

• Conduct independent RMF Step 4 security control assessments to evaluate the effectiveness of implemented controls and determine residual cybersecurity risk in support of Authorization to Operate (ATO) decisions.
• Perform comprehensive Accreditation & Authorization (A&A) activities, including detailed review, validation, and analysis of RMF packages and supporting artifacts such as System Security Plans (SSPs), network and architecture diagrams, authorization boundary documentation, security control implementation statements, Security Assessment Plans (SAPs), Security Assessment Reports (SARs), test plans, test procedures, test results, and Plans of Action and Milestones (POA&Ms).
• Review network topologies, data flow diagrams, interface documentation, and system architecture artifacts to validate security categorization, control allocation, boundary definition, control inheritance, and external service dependencies for accuracy and completeness within the authorization package.
• Identify, analyze, and document security control deficiencies, vulnerabilities, and gaps; assess likelihood and impact; determine residual risk; and develop risk mitigation and remediation recommendations for Authorizing Officials (AOs).
• Evaluate security test strategies and results to ensure assessment procedures adequately validate control effectiveness and meet DoD and Navy RMF requirements.
• Assess cybersecurity impacts of system changes, configuration updates, interface modifications, and inherited controls to support ongoing authorization, continuous monitoring, and reauthorization decisions.
• Develop formal risk assessment documentation and authorization decision support materials, providing clear, defensible risk determinations and recommendations aligned with DoD and Navy cybersecurity policy.
• Support continuous monitoring activities by reviewing updated SSPs, change requests, vulnerability scan results, POA&M updates, and periodic reassessment artifacts to ensure sustained risk visibility and compliance.
• Provide independent cybersecurity risk analysis during technical and program reviews to inform authorization decisions, audit readiness, and compliance inspections.
• Bid and proposal support if requested.
• Other duties as assigned.

Benefits

• This position is eligible to participate in our corporate 401(k) and Employee Stock Ownership Plan (ESOP) programs, and may be eligible for performance bonuses, and other rewards and benefits