Cyber Risk Analyst

SilverEdge • Reston, VA, US • 4d ago

SilverEdge is a premier provider of innovative cyber, software, and intelligence solutions, addressing mission-critical challenges for the Department of Defense (DoD), Intelligence Community (IC), and beyond. We are dedicated to delivering impactful results to meet mission goals through cutting-edge technology and expertise. We are seeking a Cyber Risk Analyst to join our dynamic team. This individual will play a pivotal role in developing innovative and effective solutions for our DoD customers within the IC sector.

Role Overview

As a Cyber Risk Analyst, you will collaborate with DoD programs to identify cyber risks, understand relevant policies, and craft mitigation strategies. Leveraging technical, environmental, and personnel insights from subject matter experts, you will evaluate the threat landscape and guide clients through actionable plans. This role involves translating complex security concepts into clear, actionable recommendations, enabling clients to secure mission-critical networks and systems.

Primary Duties

Collaborate with engineers and SMEs to assess cyber risks across technical, environmental, and personnel domains.
Develop and deliver mitigation strategies, including detailed plans of action, presentations, and milestones.
Assist in generating and maintaining Assessment and Authorization (A&A) documentation, including System Security Plans (SSPs), Privacy Impact Assessments, Security Assessment Plans (SAPs), and Risk Assessments.
Perform security hardening for Windows and Linux operating systems, utilizing tools such as ACAS, SCAP, STIG/SRGs, eMASS/Xacta, ESS, Prisma Cloud, Kubernetes, Rancher, and Docker.
Apply knowledge of the Risk Management Framework (RMF) to support A&A activities necessary to obtain and maintain an Authority to Operate (ATO).
Translate security concepts for stakeholders, ensuring informed decision-making to secure networks and systems.
Security Clearance TS/SCI
5+ years of experience in a professional IT environment.
3+ years of experience in cybersecurity.
3+ years of experience with A&A processes for DoD and IC programs, including package development, artifact generation, and ATO approval.
Proficiency in security hardening for Windows and Linux operating systems.
Familiarity with tools such as ACAS, SCAP, STIG/SRGs, eMASS/Xacta, ESS, Prisma Cloud, Kubernetes, Rancher, and Docker.
Experience generating and maintaining A&A documentation, including SSPs, SAPs, and POA&Ms.
Knowledge of RMF, NIST, and CNSSI standards, including NIST SP 800-60, NIST SP 800-53, and CNSSI 1253.
Certification Security+ (DoD 8570 Level II).
Experience supporting DoD or IC cybersecurity projects or programs.
Familiarity with DevSecOps, Path-to-Production, and CI/CD processes.
Experience with Cloud Authorization and Cloud Migration.
Experience administering Red Hat Enterprise Linux or Windows Server 2012 or higher.
Ability to provide subject matter expertise for system engineering documentation, including technical requirements and interface control documents.
Strong communication skills, with the ability to convey technical challenges to both technical and non-technical stakeholders.
Bachelor's degree.

Certifications

Required Security+ (DoD 8570 Level II).
Desired Additional certifications in cybersecurity, cloud technologies, or DevSecOps.

SilverEdge Government Solutions was founded on the belief that nurturing talent and collaborating closely with our customers enables us to think big and deliver the best for our country. Our mission is to bring top technology talent together to solve the world’s most challenging problems while protecting the United States and our allies. SilverEdge Government Solutions, LLC is an Equal Opportunity Employer and applicants receive lawful consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.