Jan 14
Secret
IT - Security
San Diego, CA (On/Off-Site)
Description
As a Cyber Risk Analyst on our team, you’ll use your experience to work with Navy programs to identify their cyber risks, conduct cyber security audit across PEO C4I systems, understand applicable policies, and develop a mitigation plan. You’ll review technical details from engineers and SMEs to assess the entire threat landscape. Then, you’ll guide your client through a plan of action with presentations, white papers, and milestones. You’ll work with your client to translate security concepts, so they can make the best decisions to secure their mission critical C4I and network systems.
Duties and Responsibilities:
You will support system A&A efforts through cyber risk assessment, policy analysis, technology evaluations, and National Institute of Standards and Technology (NIST) security control validation. Apply expertise in technology to analyze system security implementations, application security, and provide recommendations to decision makers and engineers.
You will leverage subject matter expertise in various Cybersecurity areas, including Department of Defense (DoD) Risk Management Framework (RMF) guidance, Security Test and Evaluation (ST&E), system vulnerability, and compliance in support of Assessment and Authorization (A&A) throughout the System Development Life Cycle (SDLC).
Review and provide guidance to hardware and software vendors to ensure secure system implementation.
Review vendor artifacts to ensure appropriate security practices are adhered to.
Identify applicable NIST security controls.
Create RMF artifacts and review security audits in both unclassified and classified environments.
Requirements
Basic Qualifications:
Bachelor’s degree in engineering, cybersecurity, or related technical field
Minimum 3+ years of experience with cybersecurity projects or programs
Thorough knowledge of the Risk Management Framework (RMF) and the Assessment and Authorization (A&A) activities needed to obtain and maintain an Authority to Operate (ATO)
Thorough knowledge of National Institute of Standards and Technology (NIST) and Committee on National Security Systems Instruction, including NIST SP 800-60, NIST SP 800-53, and CNSSI 1253
Active Secret clearance
Salary at Highbury Defense is determined by various factors, including but not limited to location, the individual’s particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $85,731 to $103,332. The estimate displayed represents the typical salary range for this position and is just one component of Highbury Defense’s total compensation package for employees.
We’re an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change – no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.
As a Cyber Risk Analyst on our team, you’ll use your experience to work with Navy programs to identify their cyber risks, conduct cyber security audit across PEO C4I systems, understand applicable policies, and develop a mitigation plan. You’ll review technical details from engineers and SMEs to assess the entire threat landscape. Then, you’ll guide your client through a plan of action with presentations, white papers, and milestones. You’ll work with your client to translate security concepts, so they can make the best decisions to secure their mission critical C4I and network systems.
Duties and Responsibilities:
You will support system A&A efforts through cyber risk assessment, policy analysis, technology evaluations, and National Institute of Standards and Technology (NIST) security control validation. Apply expertise in technology to analyze system security implementations, application security, and provide recommendations to decision makers and engineers.
You will leverage subject matter expertise in various Cybersecurity areas, including Department of Defense (DoD) Risk Management Framework (RMF) guidance, Security Test and Evaluation (ST&E), system vulnerability, and compliance in support of Assessment and Authorization (A&A) throughout the System Development Life Cycle (SDLC).
Review and provide guidance to hardware and software vendors to ensure secure system implementation.
Review vendor artifacts to ensure appropriate security practices are adhered to.
Identify applicable NIST security controls.
Create RMF artifacts and review security audits in both unclassified and classified environments.
Requirements
Basic Qualifications:
Bachelor’s degree in engineering, cybersecurity, or related technical field
Minimum 3+ years of experience with cybersecurity projects or programs
Thorough knowledge of the Risk Management Framework (RMF) and the Assessment and Authorization (A&A) activities needed to obtain and maintain an Authority to Operate (ATO)
Thorough knowledge of National Institute of Standards and Technology (NIST) and Committee on National Security Systems Instruction, including NIST SP 800-60, NIST SP 800-53, and CNSSI 1253
Active Secret clearance
Salary at Highbury Defense is determined by various factors, including but not limited to location, the individual’s particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $85,731 to $103,332. The estimate displayed represents the typical salary range for this position and is just one component of Highbury Defense’s total compensation package for employees.
We’re an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change – no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.
group id: 91121517
