Cybersecurity Analyst Specialist

Position Title:Cybersecurity Analyst/Specialist

Location: Norfolk Naval Shipyard, Portsmouth, VA

Security Clearance: Top Secret

• This is a key personnel position and contingent upon contract award. Must be currently located in or willing to relocate to the Portsmouth, VA area.***
  
  

Position Description:

The Cybersecurity (CS) Analyst/Specialist will provide support for the cybersecurity operations of IT systems at the Norfolk Naval Shipyard (NNSY). This role is responsible for analyzing, maintaining, and improving the security of IT networks and systems. The Cybersecurity Specialist ensures compliance with Department of Defense (DoD) and Navy security requirements, identifies vulnerabilities, and implements measures to mitigate risks. The role requires an analytical and proactive approach to system security and the ability to work independently or in a collaborative environment.

Key Responsibilities:

• Cybersecurity Monitoring & Auditing: Continuously monitor system networks to detect security breaches and vulnerabilities. Conduct regular audits to ensure compliance with DoD cybersecurity standards
• Risk Assessment & Mitigation: Identify potential security risks and vulnerabilities in IT systems. Develop and implement mitigation strategies to ensure system integrity and confidentiality
• Security Incident Response: Respond to cybersecurity incidents, conducting forensic analysis to identify the root cause, and working with teams to contain and resolve issues
• Compliance & Security Policies: Ensure all IT systems comply with DoD and Navy cybersecurity policies, including performing Security Technical Implementation Guides (STIG) reviews and ensuring adherence to Risk Management Framework (RMF) guidelines
• Vulnerability Management: Conduct regular vulnerability scans and assessments. Work with system administrators and other stakeholders to address and resolve any security vulnerabilities
• Security Documentation & Reporting: Maintain up-to-date documentation on cybersecurity measures, incident reports, risk assessments, and compliance metrics. Provide regular security performance reports to stakeholders
• Training & Awareness: Develop and deliver cybersecurity awareness training to employees and stakeholders to ensure compliance with security protocols
• Collaboration with Stakeholders: Work with IT teams and external partners to coordinate cybersecurity efforts and ensure that security policies are fully integrated into system development and operations
  
  

Qualifications:

• Experience:
• Minimum seven (7) years of experience in CS/A&A analysis support in IA controls analysis, conducting risk assessments, risk mitigation analysis, or developing contingency plans
• Education:
• Bachelor’s degree in an IT-related discipline and at least seven (7) years of relevant experience (as described below); or nine (9) years of relevant experience (as described below)
• Certifications:
• Must be fully qualified under DoD 8570.01-M and possess an Information Assurance Technical (IAT) Level II or III certification (e.g., CISSP, CISM, CEH, or equivalent)
• Qualified and registered as a Navy Validator (NVQ) Level 3 or extensive Navy IT experience

Work Environment:

The Cybersecurity Analyst/Specialist will primarily be based at the Norfolk Naval Shipyard (NNSY) in Portsmouth, VA. Occasional travel may be required to satellite facilities or other locations where Navy vessels are repaired. The role requires strict adherence to security protocols and may involve working outside normal hours to respond to critical cybersecurity incidents.

Examples of Relevant Experience may include the following:

• CS / INFOSEC concepts and requirements
• DOD A&A process and standards
• System / network vulnerability analysis
• Risk assessment and risk mitigation analysis
• Security Test and Evaluation (ST&E)
• Contingency planning
• Firewall Policy
• Ports & Protocols
• Maintaining all day-to-day VRAM activities
• Entering the system baseline configuration in VRAM by uploading vulnerability scan of a representative baseline system
• Expert and Mastery levels with institutional knowledge and a minimum of 5 years’ experience, on the mission critical procedures, systems, and processes, as they pertain to Information Technology and Cyber Security requirements
• Fully qualified in accordance with DoD 8570.01M
• Personnel qualified and registered as a Navy Validator IAW DoN Memorandum 5239, Ser 5.0/1274 dated 18 Mar 10, Subj: QUALIFICATION STANDARDS AND REGISTRATION PROCEDURES FOR NAVY VALIDATORS
• Experience in certifying and accrediting DON information systems and networks, as well as Platform IT
• Expert knowledge of and experience with CS requirements as defined by Public Laws, National, DoD, and DON guidance [e.g., Federal Information Security Management Act (FISMA), DoDD 8500.1, DoDI 8500.2, DoDI 8510.01 (Risk Management Framework (RMF) for DoD Information Technology (IT)), DODINST 8570/01M INFORMATION ASSURANCE WORKFORCE IMPROVEMENT PROGRAM. SECNAVINST 5239.3, OPNAVINST 5239.1, NIST Special Publications Series 800, etc
• Expert knowledge and experience with the requirements outlined in OPNAVINST N9210.3 Safeguarding Naval Nuclear Propulsion Information
  
  

Powered by JazzHR

4mCT57r2Wo