Cyber Security Analyst

About the position

JHNA Technology Security is seeking a Cyber Security Analyst to serve as an Information System Security Engineer (ISSE) for the support of tasking that involves the analysis of the posture of systems in support of system certification and accreditation. The role requires collaboration with the Information System Security Officer (ISSO) and Information System Security Manager (ISSM) to develop technical solutions to problems, implement enhancements, and upgrade system architectures. The Cyber Security Analyst will be responsible for implementing categorization for security control selection and creating, maintaining, and updating required Risk Management Framework (RMF) artifacts for Authorization to Operate (ATO) packages. In this position, the analyst will define system security requirements, assess system security architecture designs, and support the development and sustainment of the RMF authorization package throughout all lifecycle phases. The role also involves updating and assessing hardware, software, policies, and processes for compliance with system ATO packages. The analyst will review and update the Plan of Action and Milestones (POA&Ms) as part of the Continuous Monitoring process and perform required security testing as part of the RMF Assess & Authorize process. This includes running SCAP or Evaluate-STIG, completing DISA Security Technical Implementation Guides (STIGs), and running ACAS scans. The Cyber Security Analyst will accurately review vulnerability scan and STIG Checklist results and update them as needed. Attendance at meetings requiring cyber support is necessary, and effective communication of cybersecurity and operations issues to the ISSO/ISSM is essential for the role.