Cyber Risk Analyst (TS/SCI)

Reston, VA, United States

Red Gate Group

Red Gate is a certified SDVOSB whose core services include intelligence analysis, strategic planning, policy development, operational design, and technology integration services.

View company page

Company Description

At RED GATE we do everything we can to serve our clients:
Using the right technical skills, unique methodologies, best practices, and integrated technology, we help clients implement bold solutions. New approaches to emerging and evolving threats. Non-traditional ways to overcome entrenched obstacles. Advantage through opportunity. If you have a serious challenge or problem, we can help you solve it.  The below job description provides details on how this role will help to serve our clients.

Job Description

The Red Gate Group is seeking a TS/SCI cleared Cyber Risk Analyst to support the Defense Threat Reduction Agency’s (DTRA) Operations & Integration Directorate in Reston, VA. If you’re ready to decipher the complexities of cyber threats and turn them into actionable plans for the DoD and the IC, join us, and play a pivotal role in safeguarding critical networks and systems.

In a world inundated with cyber threats, organizations struggle to navigate the noise and understand their risks. As a Cyber Risk Analyst, you will be the answer to this challenge. Utilize your expertise to assess cyber risks, develop mitigation strategies, and guide clients through effective security measures.

Responsibilities:

  • Collaborate with DoD programs to identify and analyze cyber risks.
  • Work closely with engineers and SMEs to assess the threat landscape.
  • Develop comprehensive plans of action to mitigate cyber risks.
  • Translate complex security concepts into actionable insights for clients.
  • Assist in the development and maintenance of security documentation.
  • Stay abreast of evolving cybersecurity trends and technologies.

Qualifications

Required Experience & Skills

  • Active TS/SCI
  • 5+ years of experience working in a professional IT environment
  • 3+ years of experience with cybersecurity
  • 3+ years of experience with Assessment and Authorization (A&A) in support of DoD and IC programs, including package development, artifact generation, and authority to operate (ATO)
  • Experience with security hardening of Windows and Linux operating systems and security tools, such as ACAS, SCAP, STIG/SRGs, SCC, eMASS/Xacta, ESS, Prisma Cloud, Kubernetes, Rancher, and Docker
  • Experience generating and maintaining System Security Plans (SSP), Implementation Plans, Privacy Impact Assessments, Security Assessment Plans (SAP), Risk Assessments, Plan of Action and Milestones (POA&M), and other A&A documentation.
  • Knowledge of Risk Management Framework (RMF) and the A&A activities needed to obtain and maintain an ATO, including National Institute of Standards and Technology (NIST) and Committee on National Security Systems Instruction (CNSSI), including NIST SP 800-60, NIST SP 800-53, and CNSSI 1253
  • IAT Level II Certification, including a Security+ Certification

 

Desired Experience & Skills

  • Experience with DoD or IC cybersecurity projects or programs
  • Experience with DevSecOps, Path-to-Production, and CI/CD
  • Experience with Cloud Authorization and Cloud Migration
  • Experience with administering Red Hat Enterprise Linux or Windows Server 2012 or higher
  • Ability to provide subject matter expertise to system engineering documents, including technical requirements documents, interface control documents, and system specifications
  • Ability to analyze and communicate complex technical challenges to both technical and non-technical clients and stakeholders
  • Ability to communicate and integrate between multiple customer stakeholders
  • Bachelor's degree

Additional Information

The Red Gate Group, Ltd. is an Equal Opportunity/Affirmative Action Employer. The Red Gate Group, Ltd. considers applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law.  EEO is the Law

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: ACAS CI/CD Cloud DevSecOps Docker DoD eMASS Kubernetes Linux NIST NIST 800-53 POA&M Privacy Red Hat Risk assessment Risk management RMF SAP SCAP Security assessment System Security Plan TS/SCI Windows

Region: North America
Country: United States
Job stats:  9  1  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.