Cybersecurity Systems Analyst, Senior

AmentumTampa, FL
$67,000 - $103,000Onsite

About The Position

Amentum is seeking a Senior Cybersecurity Systems Analyst to provide Assessment and Authorization (A&A) assistance within the Risk Management Framework (RMF) concept to support the defense in depth program for networks, systems, services, and devices at US Special Operations Command South. This role involves conducting thorough risk assessments of information systems (IS) to ensure they maintain the appropriate level of confidentiality, integrity, and availability, adhering to national, DoD, DIA, and NSA security regulations and directives. The contractor will follow DoD RMF and Intelligence Community Directive (ICD) 503 for A&A support and recommendations, including processing Connection Approval Packages (CAPs) for the Defense Information Systems Network (DISN) and the Defense Intelligence Agency (DIA) Approval Authorities.

Requirements

  • 8+ years of experience
  • BA/BS degree
  • Current DoD 8570.01-M, IAT-Level III or IAM Level III certification (Examples: CISSP (or Associate), CASP+CE, CISA, CISM, CCISO, GCED, GCIH, CCSP, or GSLC)
  • Technical background with system administration experience, architecture and engineering preferred
  • Technical background in networking, identity management, Microsoft and Linux operating systems, database, and mobility
  • Working knowledge of the RMF.
  • Must have excellent communications skill (written and oral) and interpersonal skills.
  • Knowledge and experience with DoD IA processes and policies (e.g., DODI 8510.01, NIST, CNSS and other cybersecurity policies, Chairman of the Joint Chiefs of Staff Manual (CJCSM) 65101.01, Incident Response and other IA policies).
  • Active TS/SCI clearance required.
  • US Citizenship is required to obtain a security clearance.

Nice To Haves

  • Knowledge of the Telos Xacta or Enterprise Mission Assurance Support Services (eMASS) system is desired.
  • Experience with the US Combatant Commands (USCENTCOM/USSOCOM) is desired.

Responsibilities

  • Performs assessment and authorization coordination.
  • Advises and assists the customer with Risk Management Framework (RMF) and develops a Plan of Action and Milestones for resolving network deficiencies in accordance with DODI 8510.01 and ICD 503.
  • Assesses network compliance against controls listed in NIST 800-53 and creates A&A packages.
  • Performs assessment, compliance, and validation of IT systems to support the Cybersecurity program at USSOCOM, its Component Commands, TSOCs, and deployed forces.
  • Executes a comprehensive assessment, compliance, and validation of customer networks to ensure compliance with regulations and security and standards.
  • Identifies and mitigates potential shortcomings and vulnerabilities to ensure the integrity of customer systems.
  • Advises USSOCOM, its Component Commands, TSOCs, and deployed forces on network and system risks, risk mitigation courses of action, and operational strategies.
  • Performs security evaluations and vulnerability assessments using the DOD Assured Compliance Assessment Solution (ACAS), Nessus vulnerability scanning tool and Security Content Automation Protocol tool.
  • Identifies applicable STIGs and performs assessments using the Security Content Automation Protocol tool.
  • Liaisons with network and system administrators to correct identified deficiencies.
  • Scans (or reviews scans) for new systems and applications being introduced into the SOF environment, identifies issues, and drafts certification letters for the government.
  • Liaisons with the Site Integration Facility (SIF) to ensure systems and applications meet the standards in the DISA Security Technical Implementation Guides (STIG).
  • Tracks A&A status of SIE governed ISs.
  • Ensures A&A artifacts and documentation are available in the USSOCOM-chosen automated tool for cybersecurity.
  • Provides DoD & IC RMF subject matter expertise to USSOCOM, its Component Commands, TSOCs, deployed forces and their delegates, including other Contractors, and assists with the development and execution of the RMF program.
  • Maintains, tracks, and validates DISN, cloud and DIA connection approval packages, including those from USSOCOM, its Component Commands, TSOCs, and other subordinate organizations.
  • Develops and maintains supporting documentation for new and existing networks, cloud environments, information systems and technologies.
  • Develops and reviews the A&A of SIE networks, cloud environments, systems, services, telecommunication circuits, mobile devices, portable electronic devices, hardware, and software using the DoD & IC RMF to obtain an Authority to Operate (ATO), Interim Authority to Test (IATT), or Authority to Connect (ATC).
  • Performs risk and vulnerability assessments of IT and IS for authorization; prepares risk assessment reports for submission to the SCA and Authorizing Official/Designated Authorizing Official/Designated Accrediting Authority (AO/DAO/DAA).
  • Assists USSOCOM, its Component Commands, TSOCs and deployed forces with the enforcement of A&A, as well as DoD, DIA, USSOCOM, Component Command, TSOC, and deployed forces’ connection standards for networks and systems.
  • Tracks and maintains A&A databases, websites and tools to ensure that networks, systems and devices are properly documented and managed from a cybersecurity perspective.
  • Tracks and reports to higher headquarters organizations (e.g. USCYBERCOM, DIA) compliance with applicable Cybersecurity regulations and directives.
  • Ensures timely notifications are made to responsible individuals and organizations to prevent lapses in accreditations (e.g., 30-, 60-, and 90-day notices).
  • Develops and maintains an Information Security Continuous Monitoring (ISCM) Plan.
  • Identifies, assesses, and advises on cybersecurity control compliance and associated risks.
  • Coordinates with USCYBERCOM, DoD, DIA, NSA, DISA, and subordinate organizations to support the resolution of issues with security, A&A, connection approvals, and waiver requests.
  • Performs network, cloud, information systems, hardware, software and device security authorization and assessments, as well as the application and execution of policy, including project management support services.
  • Validates the patching of systems, performs validation scanning, develops Plans of Action & Milestone (POA&Ms), and reports as directed by applicable policies, procedures, and regulations.
  • Provides subject matter expertise for COA development and the implementation of Cybersecurity mitigation strategies.
  • Develops and implements required processes, procedures, and capabilities to mitigate vulnerabilities and weaknesses for software and hardware deployment.
  • Identifies, implements and validates continued effectiveness of key performance parameters and applied security measures.
  • Performs analytics on cybersecurity posture and provides reports to the AO/DAO and applicable stakeholders as required per ISCM and AO/DAO direction.

Benefits

  • Health, dental, and vision insurance
  • Paid time off and holidays
  • Retirement benefits (including 401(k) matching)
  • Educational reimbursement
  • Parental leave
  • Employee stock purchase plan
  • Tax-saving options
  • Disability and life insurance
  • Pet insurance
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service