Cybersecurity Analyst

Imagine One Technology & Management, Ltd. is contingently seeking a highly qualified Cybersecurity Analyst to support an effort within Naval Information Warfare Center (NIWC) Atlantic in North Charleston, South Carolina. The ideal candidate will have demonstrated experience supporting Navy and/or United States Marine Corps (USMC) Programs of Record (PoRs), Risk Management Framework (RMF), and Command, Control, Communications, Computers, Intelligence, Surveillance, and Reconnaissance (C4ISR) programs. The successful candidate will leverage cybersecurity expertise to protect and enhance the security posture of various DoD systems. We invite you to apply for this job opportunity and consider a role on our team.

Key Responsibilities:

Provide project support to include but not limited to, executing cybersecurity assessments in compliance with RMF guidelines, ensuring Navy/USMC systems meet DoD standards, and conducting vulnerability assessments using Marine Corps Compliance and Authorization Support Tool (MCCAST), Assured Compliance Assessment Solution (ACAS), and Security Content Automation Protocol (SCAP) tools. Conduct NIST-based risk assessments on non-compliant findings using the CVSS framework and USMC procedures. Perform continuous monitoring of security controls and reporting and tracking vulnerabilities. Administer, operate, and assess systems using ACAS/Tenable.SC, SCAP, STIGs, and SRGs. Administer Linux and Windows-based systems (e.g., Red Hat Enterprise Linux, Windows 11) in a command line environment. 

Qualifying candidates must meet or exceed the following requirements:

Experience Requirements:

• Minimum of three (3) years supporting a cybersecurity authorization framework similar to Risk Management Framework (RMF)
• Minimum of three (3) years of technical experience supporting C4ISR engineering, software development and integration programs, or similar USMC / Navy efforts, to include:

• Administering, operating, or assessing information systems
• Familiarity with administering, operating, and assessing MCCAST, ACAS / Tenable.SC, SCAP, Security Technical Implementation Guides, Security Requirements Guides (SRGs)
• Developing cybersecurity authorization artifacts by reviewing engineering artifacts and documentation, and interviewing engineering stakeholders
• Planning, overseeing, and executing security control assessments to include policy reviews, architecture reviews, vulnerability scanning, and configuration audits

• Additional/concurrent experience to include:

• Administering, operating, and assessing Unix-based systems, such as Red Hat Enterprise Linux, in a command line environment-scripting, log analysis, and system administration from the terminal
• Proactively conducting research on emerging cybersecurity requirements and initiatives from NIST, the DoD, USMC and related organizations
• Ensuring key milestones for achieving and maintaining system/application authorizations are planned and executed
• Providing recommendations to system stakeholders on how best to meet new requirements and initiatives
• Developing, overseeing, and executing continuous monitoring program for system(s) being operated by the integrated product team; to include laboratory system(s)
• Ability to maintain current knowledge of relevant technologies and subject areas, and research new and upcoming technologies
• Developing and documenting processes and completing tasks within an Agile /SAFe environment(iterations, not traditional waterfall phases)

Education Requirements:

• Bachelor of Science in Engineering, Physics, Network Security, Physical Sciences, Computer Science, Mathematics, or Psychology from an accredited college or university

• NOTE: Psychology is acceptable only if the degree includes courses in Human Systems Interface (HSI) and Human Factors Engineering (HFE)

• Cybersecurity Workforce compliant certification at the IAT/IAM Level 2 or higher (e.g., Security +)
• Desired certifications:

• Agile /SAFe certification(s)
• Working towards the following certifications within one and a half year after assuming duties: Professional Software Engineering Master (PSEM)/ Certified Software Development Professional (CSDP) or with COR approval complete a vendor/platform specific certification (e.g., Microsoft Certified Solutions Developer (MCSD), Microsoft Certified Applications Developer (MCAD), Microsoft Certified Database Administrator (MCDBA), Sun Certified Professional (SCP), Red Hat Certification Program (RHCP), CISCO Certified Network Professional (CCNP), CISCO Certified Design Professional (CCDP), Oracle Certified Professional (OCP), etc.)

Additional Requirements:

• Experience in technical specifications development, process analysis and design, technical problem solving, and analytical/logical thinking
• Demonstrated experience translating complex technical findings into actionable guidance for engineers, program managers, and leadership
• Demonstrated experience writing clear, well-reasoned Plans of Action & Milestones (POA&Ms) and risk acceptance recommendations
• Proficient with Microsoft Office products (Word, Excel, PowerPoint, Outlook, Teams) and Adobe Acrobat
• Demonstrated experience utilizing JIRA, Confluence, Intelink, Fusion, SharePoint, or similar products
• High-level attention to detail and the ability to track various projects, tasks, schedules, and competing priorities
• Proven ability to collaborate and work effectively in a team environment
• Strong oral and written communication skills
• Process-oriented with organizational discipline and strong time management skills

Security Requirements:

• U.S. Citizen
• Active SECRET clearance

Additional Information:

• This is not a remote position.