Cybersecurity Analysts, Washington DC Metro Area

BuddoBot

Washington, DC

JOB DETAILS
SALARY
$100,000–$145,000 Per Year
SKILLS
Air Force, Amazon Web Services (AWS), AppDetective, Apple Macs, Best Practices, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Cloud Computing, Communication Skills, CompTIA Security+, Computer Science, Computer Security, Customer Relations, Documentation, GCP (Good Clinical Practices), GSEC - GIAC Security Essentials Certification, GSLC - GIAC Security Leadership Certificate, Information Technology & Information Systems, Information/Data Security (InfoSec), Integrated Circuits (ICs), International Classification of Diseases (ICD), Internet Security, Linux Operating System, Local Area Network (LAN), Mac Operating System, Maintain Compliance, Microsoft Excel, Microsoft Hyper-V, Microsoft Office, Microsoft PowerPoint, Microsoft Windows Azure, Microsoft Windows Operating System, Microsoft Windows Server, Microsoft Word, Nessus, Network Architecture/Engineering, Network Configuration Management, Operating Systems, Penetration Testing, Recruiting/Staffing Agency, Risk Management, Risk Management Framework (RMF), SSCP - Systems Security Certified Practitioner, Secret Clearance, Security Analysis, Security Clearance, Security Information and Event Management (SIEM), Splunk, System Lifecycle, Systems Administration/Management, Systems Engineering, Team Building, Team Player, Technical Analysis, Technical Leadership, Traceability, U.S. National Institute of Standards and Technology (NIST), United States Citizen, United States Department of Defense (DoD), Unix Operating Systems, VMWare, Virtualization Software, Vulnerability Scanners, Writing Skills
LOCATION
Washington, DC
POSTED
Today

Dark Wolf is seeking Cybersecurity Analysts to join a collaborative team to develop, manage, and maintain the security posture of information systems, with a focus on Assessment and Authorization (A&A), continuous monitoring, and compliance with NIST & RMF. The successful candidate will support their team and customer through authorization process planning, execution, and deployment, ensuring high standards of security and compliance. This position will be based out of the Washington DC Metro area with a hybrid schedule opportunity.

  • Implementing cybersecurity best practices and identifying opportunities to improve efficiency and effectiveness
  • Supporting cybersecurity activities through all aspects of the systems' life cycle, from planning through development and deployment, while ensuring proper hardening and security analysis are enforced to protect the Confidentiality, Integrity, and Availability of the environment
  • Supporting the Risk Management Framework (RMF) lifecycle
  • Creating, managing, and maintaining A&A packages
  • Preparing system documentation to include System Security Plans (SSPs), Security Control Traceability Matrices (SCTMs), Plans of Action and Milestones (POA&Ms), and security artifacts
  • Managing and implementing Continuous Monitoring activities, consisting of periodic reviews of controls, audits, vulnerability scans, and penetration test reports
  • Coordinating proper security control implementation with system administrators and engineers
  • Supporting the entry and maintenance of data into information system security systems of record, such as eMASS or Xacta, as necessary

Required Qualifications:

  • Bachelor's Degree in Computer Science or related field
  • 3+ years of relevant Cyber experience
  • Experience as an RMF Engineer, ISSO, Information Assurance Engineer, Vulnerability Manager, POA&M Manager, or similar specialty
  • Hands-on experience with the tools associated with the role
  • Experience with NIST 800-53 and CNSSI 1253
  • Experience with risk management policies/procedures, to include DODI 8510.01
  • Ability to use prior experience and knowledge to address new situations, especially during interactions with clients
  • Ability to communicate on technical subjects using clear, concise, non-technical language, including strong written communication, the ability to provide written feedback on documents, and the ability to prepare briefings
  • 2+ years of demonstrated knowledge and technical skills in: network architecture, configuration of a local area network (LAN), and securing operating systems
  • 5+ years of experience with Microsoft Windows Server, Windows 10, Windows 11, Microsoft Office Suite (Word, Excel, PowerPoint), Apple/macOS, Unix/Linux systems, and virtualization software (VMware, Hyper-V, VirtualBox)
  • Experience using vulnerability and compliance assessment tools such as Nessus, SCAP, or AppDetective
  • At least one (1) of the following cyber security certifications: Security+ CE, SSCP, CAP, CISM, CASP, CISSP, GSEC, GICSP, GSLC, CEH, CDNA, CSSLP
  • US citizenship and a Secret security clearance

Desired Qualifications:

  • Two (2) or more of the following certifications: Security+ CE, SSCP, CAP, CISM, CASP, CISSP, GSEC, GICSP, GSLC, CEH, CDNA, CSSLP
  • Demonstrated experience giving technical guidance to system administrators
  • Three (3) or more years of experience with the IC Community's/Sponsor's A&A process, ICD 503, and NIST Risk Management
  • Any additional certifications relevant to system and cyber security not previously listed
  • Knowledge of the Air Force A&A process and requirements
  • Knowledge of SIEM tools such as Splunk/Elastic
  • Knowledge of the DoD DevSecOps Fundamentals Playbook
  • Experience assessing technical environments and translating implemented security controls into clear NIST SP 800-53 control narratives and supporting Authorization to Operate (ATO) documentation
  • Cloud Platform familiarity with at least one service offering from AWS, Azure, or Google GCP
  • ACAS training

The salary range for this position is estimated to be between $100,000.00 - $145,000.00, commensurate with experience and technical skill set.

We are proud to be an EEO/AA employer: Minorities/Women/Veterans/Disabled and other protected categories.

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.

We are strictly looking for direct, full-time W2 employees. We do not engage with third-party staffing agencies, C2C, or 1099 independent contractors for this role.

About the Company

BuddoBot