Technomics, Inc.
Mid-Level Cybersecurity Analyst/Engineer
Technomics, Inc., Arlington, Virginia, United States, 22201
Mid-Level Cybersecurity Analyst/Engineer
Technomics is a growing employee‑owned, decision‑analytics company that specializes in cost and economic analysis to facilitate better decisions faster. We enable a wide range of clients across the Federal government, from senior‑level policy makers to program managers, to choose smartly, buy effectively and operate efficiently.
We deliver practical, credible, and defensible results offering actionable insights by applying data‑driven and analytics‑based approaches in combination with multidisciplinary talent, subject‑matter experts, and tangible and repeatable assets in the form of databases, models, approaches and techniques.
Mid‑Level Analysts have the knowledge, skills, abilities and initiative to deliver timely, practical and innovative solutions to our clients as part of high‑performing project teams, typically composed of a mix of varying levels of experienced analysts who will look to you for technical acumen and mentoring.
Our employee‑owners pride themselves on their ability to apply deep analytical rigor and innovative thought that assists clients in understanding and solving a myriad of challenging resource‑planning and management problems.
This position is located in Crystal City, VA.
Role & Responsibilities
Provide cybersecurity expertise to surface‑combat system program offices.
Lead efforts to bring platform information technology systems through the full life cycle of the Risk Management Framework (RMF) process to achieve/renew Authority to Operate (ATO).
Perform cybersecurity Assessment & Authorization work under the RMF guidelines including categorization, security planning, POA&M updates, review test results and assess for security control compliance, perform risk assessments, complete ATO package preparation for receipt of timely ATO.
Coordinate with support team to ensure hardening of systems under test to conform to all applicable regulations from DoD and the Defense Information Systems Agency (DISA). This includes but is not limited to Security Technical Implementation Guides (STIG) and Security Requirements Guides (SRG).
Work with NAVSEA, PEO IWS and combat‑system program offices to ensure DoD/DON cybersecurity regulations and best practices are followed in the design, development, and sustainment of integrated combat systems and weapon systems.
Work as a team player comfortable interacting with many different people and effective at verbal and written communication, supporting face‑to‑face meetings, phone, and email interactions with program leads, engineers, and team members.
Advise DoD customers on secure design and implementation of systems and capabilities.
Identify security vulnerabilities and weaknesses in SW, HW and architecture design for mission environments and recommend mitigations.
Provide mentorship and training to other team members.
Build briefs to convey critical information to decision makers.
Qualifications
Experience: 8 years direct cybersecurity work; experience evaluating the cyber compliance of a system against current RMF and DoD cybersecurity policies.
Education: Bachelor’s Degree (BS/BA Cybersecurity Management or equivalent technical degree).
Active DoD Secret clearance.
Knowledge of NIST SP 800‑53, DoDI 8500.01, and DoDI 8510.01.
Desired Qualifications
DoD 8570 Information Assurance Management (IAM) III or IAT III Certification.
Experience working in an acquisition program office environment with documentation, protocols, formats, and deadlines.
Familiarity with Navy combat systems such as SSDS and AEGIS.
A working knowledge of DON, NAVSEA, and PEO IWS cyber regulations.
Seniority Level Mid‑Senior level
Employment Type Full‑time
Job Function Strategy/Planning and Information Technology
Industries Defense and Space Manufacturing
We are an Equal Opportunity Employer. As an Equal Opportunity Employer, we do not discriminate on the basis of race, color, religion, national origin, sex, age, marital status, disability or veteran status.
#J-18808-Ljbffr
We deliver practical, credible, and defensible results offering actionable insights by applying data‑driven and analytics‑based approaches in combination with multidisciplinary talent, subject‑matter experts, and tangible and repeatable assets in the form of databases, models, approaches and techniques.
Mid‑Level Analysts have the knowledge, skills, abilities and initiative to deliver timely, practical and innovative solutions to our clients as part of high‑performing project teams, typically composed of a mix of varying levels of experienced analysts who will look to you for technical acumen and mentoring.
Our employee‑owners pride themselves on their ability to apply deep analytical rigor and innovative thought that assists clients in understanding and solving a myriad of challenging resource‑planning and management problems.
This position is located in Crystal City, VA.
Role & Responsibilities
Provide cybersecurity expertise to surface‑combat system program offices.
Lead efforts to bring platform information technology systems through the full life cycle of the Risk Management Framework (RMF) process to achieve/renew Authority to Operate (ATO).
Perform cybersecurity Assessment & Authorization work under the RMF guidelines including categorization, security planning, POA&M updates, review test results and assess for security control compliance, perform risk assessments, complete ATO package preparation for receipt of timely ATO.
Coordinate with support team to ensure hardening of systems under test to conform to all applicable regulations from DoD and the Defense Information Systems Agency (DISA). This includes but is not limited to Security Technical Implementation Guides (STIG) and Security Requirements Guides (SRG).
Work with NAVSEA, PEO IWS and combat‑system program offices to ensure DoD/DON cybersecurity regulations and best practices are followed in the design, development, and sustainment of integrated combat systems and weapon systems.
Work as a team player comfortable interacting with many different people and effective at verbal and written communication, supporting face‑to‑face meetings, phone, and email interactions with program leads, engineers, and team members.
Advise DoD customers on secure design and implementation of systems and capabilities.
Identify security vulnerabilities and weaknesses in SW, HW and architecture design for mission environments and recommend mitigations.
Provide mentorship and training to other team members.
Build briefs to convey critical information to decision makers.
Qualifications
Experience: 8 years direct cybersecurity work; experience evaluating the cyber compliance of a system against current RMF and DoD cybersecurity policies.
Education: Bachelor’s Degree (BS/BA Cybersecurity Management or equivalent technical degree).
Active DoD Secret clearance.
Knowledge of NIST SP 800‑53, DoDI 8500.01, and DoDI 8510.01.
Desired Qualifications
DoD 8570 Information Assurance Management (IAM) III or IAT III Certification.
Experience working in an acquisition program office environment with documentation, protocols, formats, and deadlines.
Familiarity with Navy combat systems such as SSDS and AEGIS.
A working knowledge of DON, NAVSEA, and PEO IWS cyber regulations.
Seniority Level Mid‑Senior level
Employment Type Full‑time
Job Function Strategy/Planning and Information Technology
Industries Defense and Space Manufacturing
We are an Equal Opportunity Employer. As an Equal Opportunity Employer, we do not discriminate on the basis of race, color, religion, national origin, sex, age, marital status, disability or veteran status.
#J-18808-Ljbffr