Cyber Analyst
TekSynap · San Antonio, TX · 1 mo ago
Engineering$75k–$105k/yrFull-time
About the role
We are seeking a Cybersecurity Analyst to support Risk Management Framework (RMF) activities and security authorization efforts for Department of War (DoW) information systems. This role is responsible for assessing and reviewing Authorization to Operate (ATO) packages, evaluating cybersecurity documentation, and supporting compliance with RMF, FISMA, and DoW cybersecurity requirements.
Responsibilities
- Assists with Certification & Accreditation (C&A), Authorization to Operate (ATO), and security authorization activities for DoW information systems.
- Provides administrative and technical support to the ISSM in conducting risk assessments, implementing security controls, and developing cybersecurity policies, procedures, and security plans.
- Assess cybersecurity documentation and authorization artifacts, including SSPs, POA&Ms, Security Assessment Reports, Risk Assessments, Contingency Plans, Incident Response Plans, Configuration Management Plans, and supporting RMF documentation.
- Supports continuous monitoring activities and validates compliance with FISMA, RMF, and organizational cybersecurity requirements.
- Provides guidance and support in the development and maintenance of system authorization packages, hardware and software inventories, boundary diagrams, and other compliance documentation.
- Collaborates with system owners, ISSMs, ISSOs, Engineers, and Cyber Security stakeholders to support compliance requirements, remediation efforts, and authorization activities.
- Analyze cybersecurity risks, vulnerabilities, and compliance gaps and provide recommendations for remediation, risk mitigation, and risk acceptance strategies.
- Supports project teams and stakeholders in ensuring security requirements are integrated into project planning and execution.
- Reviews and validates RMF artifacts for completeness, accuracy, and compliance prior to submission to Authorizing Officials (AO), Security Control Assessors (SCA), and cybersecurity review boards.
- Facilitates package reviews and coordinates cybersecurity approval activities through applicable governance boards, change control processes, and authorization decision points.
Required Qualifications
- 5 years’ experience in RMF with Army or other DoW Organizations with emphasis on analyzing and accessing ATO packages.
- Knowledge of Department of War (DoW) policies, directives, and regulatory guidance in the cybersecurity field.
- Working knowledge of eMASS and DoW workflow tools.
- Knowledge and experience with technologies such as cloud computing environments, cybersecurity infrastructure, forensic analytics, and DoW Public Key Infrastructure.
- Demonstrated experience coordinating cross-functional teams consisting of cybersecurity engineers, system administrators, developers, and government stakeholders.
- Demonstrated experience managing multiple concurrent ATO packages and deliverables.
- Demonstrated experience identifying, tracking, and communicating ATO risks, issues, dependencies, and mitigation activities.
- Demonstrated experience preparing and presenting project status updates for ATO packages and performance metrics to senior leadership and government customers.
- Knowledge of DoW hosting environments, including cloud, on-premises, and hybrid architectures.
- DoW 8570/8140 IAT Level III Baseline Certification.
Desired Qualifications
- Experience developing and reviewing ATO packages and RMF documentation.
- Familiarity with vulnerability management, continuous monitoring, security control assessments, and POA&M management.
- Strong written and verbal communication skills with experience producing cybersecurity documentation and executive-level reports.
- Demonstrated ability to translate security policies, implementation guidance, and requirements into effective cybersecurity engineering solutions.
- Experience with government or military setting with an emphasis on cybersecurity and compliance projects.