Enable job alerts via email!

Cybersecurity Analyst

Spectra Tech, Inc.

City of Schenectady (NY)

On-site

USD 60,000 - 100,000

Full time

11 days ago

Boost your interview chances

Create a job specific, tailored resume for higher success rate.

Job summary

An established industry player is seeking a dedicated Cybersecurity Analyst to enhance the security of naval nuclear propulsion technology. This role involves executing NIST directives and supporting the Risk Management Framework. You'll assist in developing critical security documentation and work with various IT security teams to ensure compliance and enhance system security. If you have a passion for cybersecurity and a strong background in IT security projects, this is an exciting opportunity to contribute to the safety and reliability of our Navy's fleet while advancing your career in a dynamic environment.

Qualifications

4+ years in roles like ISSO or ISSM.
Experience with NIST 800-37 and FedRAMP.

Responsibilities

Execute NIST directives to support RMF.
Assist in developing System Security Plans and Security Assessment Reports.

Skills

Security+ Certification

Experience with RSA Archer

Knowledge of NIST Special Publications

Knowledge of IT infrastructure

Knowledge of vulnerability management tools

Spectra Tech is looking for a Cybersecurity Analyst in Schenectady, NY.

Job Description

The Naval Nuclear Laboratory develops advanced naval nuclear propulsion technology for the safety and reliability of our Navy's submarine and aircraft fleet. Our company is seeking a Cybersecurity subcontractor professional to join our team. The subcontractor will be responsible for executing all aspects of the National Institute of Standards and Technology (NIST) directives to support the Risk Management Framework (RMF). This includes assisting information system owners with the development of System Security Plans (SSPs) and Security Assessment Reports (SARs) using the existing RSA Archer application on the Naval Nuclear Propulsion Network (NNPP Net) to support information system authorization. Additionally, the subcontractor will assist in developing Plans of Action and Milestones (POA&Ms) and Risk-Based Decisions (RBDs) for deficiencies identified during the information system authorization process.

Required Knowledge, Skills, and Abilities

At least four years of combined experience in roles such as security control validator, security control assessor, Information System Security Officer (ISSO), or Information System Security Manager (ISSM).
At least two years of experience supporting the development of information system security authorization packages in accordance with the Risk Management Framework (NIST 800-37, 800-53, 800-53a).
At least two years of experience working with the Federal Risk and Authorization Management Program (FedRAMP).
Security+ Certification.

Desired Knowledge, Skills, and Abilities

Experience with the RSA Archer application.
At least two years of experience working on IT security project teams.
At least one year of experience managing IT projects.
Knowledge of IT infrastructure and services, including Data Centers, physical and virtual servers, networking components, and cloud infrastructure/services.
Knowledge of security policies such as NIST Special Publications, Security Technical Implementation Guides (STIGs), and the DoD Cloud Computing Security Resource Guide (SRG).
Knowledge of infrastructure security, endpoint protection, and vulnerability management tools.
Previous experience authorizing information systems within a classified DoE or DoD environment.
Familiarity with NIST 800-171.
Certified Information Systems Security Professional (CISSP) certification.
Certificate of Cloud Security Knowledge (CCSK) certification.

Get your free, confidential resume review.

or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.

Similar jobs