Cyber Risk Analyst (TS/SCI)

Company Description

At RED GATE we do everything we can to serve our clients:
Using the right technical skills, unique methodologies, best practices, and integrated technology, we help clients implement bold solutions. New approaches to emerging and evolving threats. Non-traditional ways to overcome entrenched obstacles. Advantage through opportunity. If you have a serious challenge or problem, we can help you solve it.  The below job description provides details on how this role will help to serve our clients.

Job Description

The Red Gate Group is seeking a TS/SCI cleared Cyber Risk Analyst to support the Defense Threat Reduction Agency’s (DTRA) Operations & Integration Directorate in Reston, VA. If you’re ready to decipher the complexities of cyber threats and turn them into actionable plans for the DoD and the IC, join us, and play a pivotal role in safeguarding critical networks and systems.

In a world inundated with cyber threats, organizations struggle to navigate the noise and understand their risks. As a Cyber Risk Analyst, you will be the answer to this challenge. Utilize your expertise to assess cyber risks, develop mitigation strategies, and guide clients through effective security measures.

Responsibilities:

• Collaborate with DoD programs to identify and analyze cyber risks.
• Work closely with engineers and SMEs to assess the threat landscape.
• Develop comprehensive plans of action to mitigate cyber risks.
• Translate complex security concepts into actionable insights for clients.
• Assist in the development and maintenance of security documentation.
• Stay abreast of evolving cybersecurity trends and technologies.

Qualifications

Required Experience & Skills

• Active TS/SCI
• 5+ years of experience working in a professional IT environment
• 3+ years of experience with cybersecurity
• 3+ years of experience with Assessment and Authorization (A&A) in support of DoD and IC programs, including package development, artifact generation, and authority to operate (ATO)
• Experience with security hardening of Windows and Linux operating systems and security tools, such as ACAS, SCAP, STIG/SRGs, SCC, eMASS/Xacta, ESS, Prisma Cloud, Kubernetes, Rancher, and Docker
• Experience generating and maintaining System Security Plans (SSP), Implementation Plans, Privacy Impact Assessments, Security Assessment Plans (SAP), Risk Assessments, Plan of Action and Milestones (POA&M), and other A&A documentation.
• Knowledge of Risk Management Framework (RMF) and the A&A activities needed to obtain and maintain an ATO, including National Institute of Standards and Technology (NIST) and Committee on National Security Systems Instruction (CNSSI), including NIST SP 800-60, NIST SP 800-53, and CNSSI 1253
• IAT Level II Certification, including a Security+ Certification

Desired Experience & Skills

• Experience with DoD or IC cybersecurity projects or programs
• Experience with DevSecOps, Path-to-Production, and CI/CD
• Experience with Cloud Authorization and Cloud Migration
• Experience with administering Red Hat Enterprise Linux or Windows Server 2012 or higher
• Ability to provide subject matter expertise to system engineering documents, including technical requirements documents, interface control documents, and system specifications
• Ability to analyze and communicate complex technical challenges to both technical and non-technical clients and stakeholders
• Ability to communicate and integrate between multiple customer stakeholders
• Bachelor's degree

Additional Information

The Red Gate Group, Ltd. is an Equal Opportunity/Affirmative Action Employer. The Red Gate Group, Ltd. considers applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law.  EEO is the Law