Cybersecurity Analyst na Base-2 Solutions
Base-2 Solutions · Reston, Estados Unidos Da América · Onsite
- Professional
- Escritório em Reston
Job Description
Base-2 Solutions is seeking a Cybersecurity Analyst who will lead the assessment and authorization (A&A) process to achieve and maintain Authority to Operate (ATO) for critical government systems and cloud environments up to IL6+, ensuring compliance with NIST SP 800-53, RMF, ICD 503, FISMA, and FedRAMP standards. With a focus on safeguarding mission-essential infrastructure across NIPR, SIPR, and JWICS networks, you’ll support incident response, vulnerability management, and continuous monitoring to protect sensitive federal data.
Responsibilities
- Use government ATO frameworks and tools (e.g., NIST SP 800-53, RMF, ICD 503, FISMA, FedRAMP) to guide systems through the assessment and authorization (A&A) process and maintain ongoing compliance.
- Conduct security control assessments, vulnerability scans, and incident response activities to identify and remediate risks across IL5–IL6 cloud and on-prem environments..
- Develop and maintain System Security Plans (SSPs), POA&Ms, and continuous monitoring artifacts to support federal accreditation requirements.
- Collaborate with engineering, operations, and program stakeholders to ensure security controls are effectively implemented and documented throughout the system lifecycle.
Qualifications
- At least six (6) years of experience as a cybersecurity analyst with a specialization in Government System ATO support, demonstrating deep knowledge of government ATO principles, methodologies, and tools.
- CISSP or equivalent certification to support DoD 8140 requirements
Required Experience
- Strong experience in government regulatory frameworks, compliance requirements, and security standards specific to ATO (e.g., NIST SP 800-53, RMF, ICD 503, FISMA, FedRAMP).
- Demonstrated and repeat experience achieving and maintaining ATO for cloud services and solutions from IL5 to IL6+ on NIPR, SIPR, and JWICS.
- Understanding of network protocols, operating systems, and infrastructure components.
- Strong proficiency in incident response, security incident handling, and forensic analysis techniques.
- Expertise with government specific ATO assessment tools, vulnerability scanning tools, and intrusion detection/prevention systems.
- Effective communication skills, with the ability to convey complex technical concepts to both technical and non-technical stakeholders.
