Job Details
Level: Experienced
Job Location: National Capitol Region - NCR, VA
Position Type: Full Time
Education Level: High School Diploma/ GED
Description
Vickers and Nolan Enterprises (VNE) is an engineering company that provides Government projects and programs with experienced and dedicated system architects, engineers, subject matter experts (in tactical intelligence), and program managers. VNE also develops training courses and tools to prepare warfighters to effectively employ tactical intelligence systems and provide management guidance to the Government organizations that develop these systems.
VNE has earned a reputation for exceptional performance, innovation, agility, and responsiveness in the Intelligence Community (IC). We attack our mission with a comprehensive understanding of the data available and required; skilled research, design, development, integration, and testing of systems and software solutions; expertise in cybersecurity/information assurance and technology; programmatic, acquisition, and logistics support know-how; and our own unique training curricula that enables students to excel at intelligence operations across all levels of the community.
VNE is devoted to improving tactical operations at home and abroad by enabling the seamless transition of data across the intelligence community and developing/integrating solutions to unify operations and intelligence.
VNE is a Service Disabled Veteran Owned Small Business (SDVOSB) founded in 2004 in Stafford, VA.
Qualifications
VNE, LLC is looking for a TS/SCI Cleared Cyber Risk Analyst
Minimum Qualifications:
- High School Diploma/GED
- 5+ years of experience working in a professional IT environment
- 3+ years of experience with cybersecurity
- 3+ years of experience with Assessment and Authorization (A&A) in support of DoD and IC programs, including package development, artifact generation, and authority to operate (ATO)
- Experience with security hardening of Windows and Linux operating systems and security tools, such as ACAS, SCAP, STIG/SRGs, SCC, eMASS/Xacta, ESS, Prisma Cloud, Kubernetes, Rancher, and Docker
- Experience generating and maintaining System Security Plans (SSP), Implementation Plans, Privacy Impact Assessments, Security Assessment Plans (SAP), Risk Assessments, Plan of Action and Milestones (POA&M), and other A&A documentation
- Knowledge of Risk Management Framework (RMF) and the A&A activities needed to obtain and maintain an ATO, including National Institute of Standards and Technology (NIST) and Committee on National Security Systems Instruction (CNSSI), including NIST SP 800-60, NIST SP 800-53, and CNSSI 1253
- Security+ DoD 8570 Level II
- TS/SCI level Clearance required.
Additional Qualifications Desired:
- Experience with DoD or IC cybersecurity projects or programs
- Experience with DevSecOps, Path-to-Production, and CI/CD
- Experience with Cloud Authorization and Cloud Migration
- Experience with administering Red Hat Enterprise Linux or Windows Server 2012 or higher
- Ability to provide subject matter expertise to system engineering documents, including technical requirements documents, interface control documents, and system specifications
- Ability to analyze and communicate complex technical challenges to both technical and non-technical clients and stakeholders
- Ability to communicate and integrate between multiple customer stakeholders
- Bachelor's degree
Job Description:
As a Cyber-Risk Analyst on our team, you'll use your experience to work with DoD programs to discover their cyber risks, understand policies, and develop a mitigation plan. You'll get technical, environmental, and personnel details from engineers and SMEs to assess the entire threat landscape. Then, you'll help your team guide your client through a plan of action with presentations, white papers, and milestones. You'll work on translating security concepts for your client so they can make the best decisions to secure their mission critical networks and systems. This is your opportunity to act as an information security subject matter expert while broadening your skills in cybersecurity, security and network tools, systems engineering, and data science.
Essential Duties of the Job:
- Ability to communicate task requirement information to client in a clear and concise manner.
- Must be able to sit and stand for prolonged periods of time, as well as lead and participate in meetings and working groups.
- Requires visual acuity to use a keyboard.
- Must be able to attend work each day, during scheduled hours, unless on travel or approved time off.
- Ability to work on computer for long periods, and communicate with individuals by telephone, email and face-to-face.
Physical Demands and Work Environment:
- While performing duties of job, employee is occasionally required to stand; walk; sit; use hand to finger, handle or feel objects, tools, or controls; reach with hands and arms; talk and hear.
- Employee must occasionally lift and/or move up to 25 pounds.
- Specific vision abilities required by the job include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust focus.
- May be exposed to chemicals related to office equipment.
- The noise level in the work environment is usually moderate (i.e. general office environment).
Benefits:
- 401 (K) w/ up to 3.5% Company Match
- Health, Dental & Vision Insurance
- Basic & Supplemental Life Insurance
- Short & Long Term Disability Insurance
- Flexible Spending Account
- 11 Paid Holidays
- Paid Time Off (PTO)
- Gym Membership (varies by location)
- Corporate-Sponsored Events