Cyber Risk Analyst (TS/SCI)
Reston, VA, United States
Red Gate GroupRed Gate is a certified SDVOSB whose core services include intelligence analysis, strategic planning, policy development, operational design, and technology integration services.
At RED GATE we do everything we can to serve our clients:
Using the right technical skills, unique methodologies, best practices, and integrated technology, we help clients implement bold solutions. New approaches to emerging and evolving threats. Non-traditional ways to overcome entrenched obstacles. Advantage through opportunity. If you have a serious challenge or problem, we can help you solve it. The below job description provides details on how this role will help to serve our clients.
The Red Gate Group is seeking a TS/SCI cleared Cyber Risk Analyst to support the Defense Threat Reduction Agency’s (DTRA) Operations & Integration Directorate in Reston, VA. If you’re ready to decipher the complexities of cyber threats and turn them into actionable plans for the DoD and the IC, join us, and play a pivotal role in safeguarding critical networks and systems.
In a world inundated with cyber threats, organizations struggle to navigate the noise and understand their risks. As a Cyber Risk Analyst, you will be the answer to this challenge. Utilize your expertise to assess cyber risks, develop mitigation strategies, and guide clients through effective security measures.
- Collaborate with DoD programs to identify and analyze cyber risks.
- Work closely with engineers and SMEs to assess the threat landscape.
- Develop comprehensive plans of action to mitigate cyber risks.
- Translate complex security concepts into actionable insights for clients.
- Assist in the development and maintenance of security documentation.
- Stay abreast of evolving cybersecurity trends and technologies.
Required Experience & Skills
- Active TS/SCI
- 5+ years of experience working in a professional IT environment
- 3+ years of experience with cybersecurity
- 3+ years of experience with Assessment and Authorization (A&A) in support of DoD and IC programs, including package development, artifact generation, and authority to operate (ATO)
- Experience with security hardening of Windows and Linux operating systems and security tools, such as ACAS, SCAP, STIG/SRGs, SCC, eMASS/Xacta, ESS, Prisma Cloud, Kubernetes, Rancher, and Docker
- Experience generating and maintaining System Security Plans (SSP), Implementation Plans, Privacy Impact Assessments, Security Assessment Plans (SAP), Risk Assessments, Plan of Action and Milestones (POA&M), and other A&A documentation.
- Knowledge of Risk Management Framework (RMF) and the A&A activities needed to obtain and maintain an ATO, including National Institute of Standards and Technology (NIST) and Committee on National Security Systems Instruction (CNSSI), including NIST SP 800-60, NIST SP 800-53, and CNSSI 1253
- IAT Level II Certification, including a Security+ Certification
Desired Experience & Skills
- Experience with DoD or IC cybersecurity projects or programs
- Experience with DevSecOps, Path-to-Production, and CI/CD
- Experience with Cloud Authorization and Cloud Migration
- Experience with administering Red Hat Enterprise Linux or Windows Server 2012 or higher
- Ability to provide subject matter expertise to system engineering documents, including technical requirements documents, interface control documents, and system specifications
- Ability to analyze and communicate complex technical challenges to both technical and non-technical clients and stakeholders
- Ability to communicate and integrate between multiple customer stakeholders
- Bachelor's degree
The Red Gate Group, Ltd. is an Equal Opportunity/Affirmative Action Employer. The Red Gate Group, Ltd. considers applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law. EEO is the Law
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: ACAS CI/CD Cloud DevSecOps Docker DoD eMASS Kubernetes Linux NIST NIST 800-53 POA&M Privacy Red Hat Risk assessment Risk management RMF SAP SCAP Security assessment System Security Plan TS/SCI Windows
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Product Security Engineer jobs
- Open Senior Security Architect jobs
- Open Security Operations Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Ingénieur DevSecops H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Security Specialist jobs
- Open Senior Cyber Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Windows-related jobs
- Open Agile-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open Analytics-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open DevOps-related jobs
- Open CISA-related jobs
- Open Security Clearance-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs
- Open IDS-related jobs
- Open CI/CD-related jobs
- Open APIs-related jobs
- Open Splunk-related jobs