Cyber Security Analyst II

The Cybersecurity Analyst II provides mid-level technical cybersecurity support for Cross Domain Solution (CDS) assessments and authorization activities in alignment with National Cross Domain Strategy and Management Office (NCDSMO) guidance. The analyst supports CDSA efforts by conducting technical security reviews, risk assessments, and analysis of multi-domain and multi-level information systems within

Department of Defense environments.

This role requires working knowledge of the Risk Management Framework (RMF), cross-domain architectures, and security control assessment practices.

• Perform cybersecurity analysis in support of Cross Domain Solution (CDS) assessments and authorization activities.
• Assistin execution of NCDSO/CDSA processes for multi-security domain system evaluations.
• Conduct technical risk assessments, vulnerability analysis, and attack surface analysis.
• Review system architectures, data flows, and security controls toidentifypotential risks.
• Analyze and review system security documentation, including:
• System Security Plans (SSPs)
• Security Assessment Reports (SARs)
• Data flow diagrams
• Support RMF Assessment and Authorization (A&A) activities.
• Provide recommendations for security design improvements and risk mitigations.
• Assistindevelopmentof cross-domain security requirements and test procedures.
• Participate in technical working groups, assessment events, and review boards.
• Document assessment findings and prepare technical reports for government stakeholders.
• Coordinate with system engineers, program offices, and cybersecurity teams to resolve security issues.

• Bachelor’s degree in Cybersecurity, Information Systems, or related technical field or four (4) additional years of relevant cybersecurity experience may be substituted for a degree.
• Knowledge of DoD cybersecurity principles and RMF processes.
• 5 years of relevant cybersecurity, RMF, or information assurance experience.
• Familiarity with Cross Domain Solutions (CDS) or multi-level security concepts.
• Knowledge of NIST SP 800-53 security controls.
• Ability to evaluate system and network architectures for security risks.
• Ability to analyze data flows across security domains.
• Ability to interpret and apply security policies and technical guidance.
• Strong written and verbal communication skills.
• Ability to work both independently and as part of a technical team.

• Full-time
• 401(k)
• 401(k) matching
• Employeeassistanceprogram
• Flexible spending account
• Health insurance
• Health savings account
• Life insurance
• Paid time off
• Parental leave
• Referral program
• Vision insurance

• 8 hourshift
• Monday to Friday

• CompTIA Security+,CISSP,CASP+,CISM, orSSCP