Cybersecurity Analysts

Cybersecurity Analyst – Dark Wolf

Dark Wolf is seeking Cybersecurity Analysts to join a collaborative team to develop, manage, and maintain the security posture of information systems with a focus on Assessment and Authorization (A&A), continuous monitoring and compliance with NIST & RMF. The successful candidate will support the team and customer through authorization process planning, execution, and deployment ensuring high standards of security and compliance.

This position will be based out of the Washington DC Metro area with a hybrid schedule opportunity.

• Implement cybersecurity best practices and identify opportunities to improve efficiency and effectiveness.
• Support cybersecurity activities through all aspects of the systems’ life cycle from planning, development, and deployment while ensuring proper hardening and security analysis is enforced to protect the confidentiality, integrity, and availability of the environment.
• Support the Risk Management Framework (RMF) lifecycle.
• Create, manage, and maintain A&A packages.
• Prepare system documentation to include System Security Plans (SSPs), Security Control Traceability Matrices (SCTMs), Plans of Action and Milestones (POA&Ms), and security artifacts.
• Manage and implement continuous monitoring activities, consisting of periodical reviews of controls, audits, vulnerability scans, and penetration test reports.
• Coordinate proper security control implementation with system administrators and engineers.
• Support entry and maintenance of data into information system security systems of record, such as eMASS or Xacta, as necessary.

• Bachelor’s Degree in Computer Science or a related field.
• 3+ years of relevant cybersecurity experience.
• Experience as an RMF Engineer, ISSO, Information Assurance Engineer, Vulnerability Manager, POA&M Manager, or a similar specialty.
• Hands‑on tool experience associated with the role.
• Experience with NIST 800‑53 and CNSSI 1253.
• Experience with risk‑management policies/procedures, including DODI 8510.01.
• Ability to apply prior experience and knowledge to address new situations, especially during interactions with clients.
• Excellent technical communication skills, including clear, concise writing and the ability to provide written feedback and prepare briefings.
• 2+ years of demonstrated knowledge and technical skills in network architecture and local area network (LAN) configuration, and securing operating systems.
• 5+ years of experience with Microsoft Windows Server, Windows 10, Windows 11, Microsoft Office Suite, Apple/MAC OS, Unix/Linux systems, and virtualization software (VMware, Hyper‑V, Virtual Box).
• Experience with vulnerability and compliance assessment tools such as Nessus, SCAP, or App Detective.
• At least one of the following cybersecurity certifications:
  Security+ CE, SSCP, CAP, CISM, CASP, CISSP, GSEC, GICSP, GSLC, CEH, CDNA, CSSLP.
• U.S. citizenship and a Secret security clearance.

• Two or more of the certifications listed above.
• Demonstrated experience giving technical guidance to system administrators.
• Three or more years of experience with the IC Community’s/Sponsor’s A&A process, ICD 503, and NIST Risk Management.
• Additional relevant certifications not previously listed.
• Knowledge of the Air Force A&A process and requirements.
• Knowledge of SIEM tools such as Splunk or Elastic.
• Knowledge of DoD Dev Sec Ops  Fundamentals Playbook.
• Experience assessing technical environments and translating implemented security controls into clear NIST SP‑800‑53 control narratives and supporting Authorization to Operate (ATO) documentation.
• Cloud platform familiarity with at least one service offering from AWS, Azure, or Google GCP.
• ACAS training.

The salary range for this position is estimated to be between $ and $, commensurate with experience and technical skillset.

We are proud to be an EEO/AA employer, supporting minorities, women, veterans, disabled and other protected categories. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.