×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Cybersecurity Analyst; Mid

Job in Stafford, Stafford County, Virginia, 22554, USA
Listing for: UIC Arctic Response Services, LLC
Full Time position
Listed on 2026-05-18
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 60000 - 80000 USD Yearly USD 60000.00 80000.00 YEAR
Job Description & How to Apply Below
Position: Cybersecurity Analyst (Mid)

Overview

CYBERSECURITY ANALYST (MID) (LI2S)

Bowhead seeks a Mid‑Level Cybersecurity Analyst to join our team supporting the Program Office for Logistics Integrated Information Solutions – Marine Corps (LI2S‑MC) in Stafford, VA. The Cybersecurity Analyst will work directly with the client analyzing complex and unique technical support assignments and lead or collaborate with engineers, cybersecurity personnel, logisticians, and program analysts within a scaled agile environment.

The Senior Cybersecurity Analyst will be involved in strategic planning and decision‑making related to cybersecurity initiatives within an organization. They will contribute to the development of cybersecurity policies and procedures. They will also be responsible for assessing and managing cybersecurity risks at a strategic level.

Responsibilities
  • Perform cybersecurity tasks for Global Combat Support System‑ Marine Corps (GCSS‑MC) applications, components, sub‑components, and environments in support of the GCSS‑MC system, cloud migration effort, and audit remediation.
  • Provide documentation annually that all personnel have obtained and maintained their DoD 8140 required certification.
  • Confirm compliance of all personnel’s annual IA awareness training status to the GCSS‑MC PMO information systems security manager (ISSM).
  • Follow DoD/US Navy/Marine Corps cybersecurity processes and procedures to protect U.S. Government sensitive information.
  • Support GCSS‑MC cloud migration and audit, update all GCSS‑MC cybersecurity documentation in accordance with DOD policy and instruction as required by the ISSM and upload that documentation to a location identified by the ISSM where it is accessible to authorized individuals.
  • Use the Government cybersecurity tool, Marine Corps Certification and Accreditation Support Tool (MCCAST), to manage Assessment and Authorization (A&A) documentation and workflow. The Government shall facilitate access and training for the MCCAST tool.
  • Verify registration of all software used in the LI2S‑MC portfolio of systems in the Department of the Navy Application and Database Management System (DADMS).
  • Maintain DADMS, DoD Directive Information Technology Portfolio Repository‑Department of the Navy (DITPR‑DoN), data center inventory site, and other database repositories containing PM LI2S‑MC data. In addition, maintain information provided by the Government in these repositories that support acquisition and non‑acquisition events.

In support of the cloud migration and audit:

  • Verify and validate that security updates and patches are tested and applied to software and operating systems. Document all findings in a weekly report.
  • Generate software quality code reviews with Government provided automated tool(s).
  • Maintain a security Plan of Action and Milestones (POA&M) that lists all vulnerabilities identified by every assessment, and when that assessment identified the vulnerability, in accordance with DoD and USMC Risk Management Framework policies.
  • Review, implement, and maintain the role‑based access controls (RBAC) in support of the GCSS‑MC and sub‑components privileged user access.
  • Review information assurance vulnerability management (IAVMs), communications tasking orders (CTOs), Marine Corps directives (MCDs), operational directives (OPDIRs), vulnerability alerts, and vendor notifications to determine applicability to GCSS‑MC/LCM Family of Systems (FoS) and to assess impact and provide assessment to the ISSM.

In addition, track, report status, and provide remediation suggestions for the vulnerabilities.

  • Support all activities required for maintaining the authority to operate (ATO) and Federal Information Security Management Act (FISMA) compliances.

These activities include, but are not limited to:

  • Annual Security Reviews, Annual Security Control testing, Annual Contingency Plan testing, and quarterly update and submission of a quarterly Plan of Action and Milestones (POA&M).
  • Support cybersecurity testing by generating:
  • A cybersecurity detailed test plan (DTP) required when testing for accreditation that identifies specifically how the system should be tested
  • Thorough risk assessment that identifies the security posture of the…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search