Position: Cyber Security Analyst
Location: Virginia Beach, VA
Length: Full time
Rate: $115,000-$130,000/yr
(Exact compensation may vary based on several factors, including skills, experience, and education)
Job Description
Insight Global is looking for a qualified individual to fill the role of Cyber Security Analyst IV. In this role, you will be responsible for providing cybersecurity technical support to the Navy Enterprise Tactical Training Network (NETTN). This position requires flexibility to work non-standard hours and workweeks exceeding 40 hours to meet business, customer, and contractual requirements. Duties and responsibilities may also be adjusted as needed to support mission needs. This is a 100% onsite position.
Essential Job Responsibilities
- Conduct security testing and evaluation of servers, workstations, databases, and network infrastructure devices (e.g., firewalls, switches, routers, load balancers) to identify security vulnerabilities and weaknesses, and produce detailed findings reports that support the security authorization process.
- Develop customized scanning and testing configurations within cybersecurity tools to meet specific security and configuration requirements.
- Map identified findings—whether discovered through manual assessment, automated scanning, or associated with CVEs—to applicable NIST SP 800-53 security controls, DoD policies, and relevant technical standards.
- Analyze and interpret cybersecurity directives, policies, and instructions, including CTOs, FRAG/TASK/OPORDs, IAVMs, PKI guidance, and STIG requirements, to determine applicability and required actions.
- Create or update eMASS artifacts in support of Assessments and Authorizations (A&A) and Annual Security Reviews.
- Evaluate the adequacy of current security testing and assessment toolsets; identify capability gaps and recommend new tools or enhancements to improve assessment coverage and effectiveness.
- Serve as a subject matter expert on known and emerging vulnerabilities, providing analysis of exploitation methods, mitigation and remediation strategies, severity impacts, and operational considerations.
- Review Assessment & Authorization (A&A) documentation to ensure compliance with applicable DoD and RMF cybersecurity policies and standards.
- Perform risk analyses and recommend mitigating controls.
- Assist in drafting, updating, and maintaining cybersecurity policies, procedures, and technical guidance for systems and emerging technologies.
- Provide critical written and oral analysis of security architecture documentation and vulnerability and risk assessments.
- Support the creation, management, and tracking of Plans of Action and Milestones (POA&Ms), ensuring accurate status reporting and alignment with cybersecurity requirements.
- Advise government stakeholders in all aspects of Cybersecurity and the Risk Management Framework (RMF).
- Track and report cybersecurity compliance status in VRAM and other applicable vulnerability tracking or reporting platforms.
- Conduct independent verification and risk analysis of security configurations, STIG findings, and POA&M entries for enterprise systems and devices.
- Demonstrate the ability to work independently with minimal oversight while also collaborating effectively within a team environment.
Minimum Qualifications
- High School Diploma or equivalent with 13 years of relevant experience, or 9 years of relevant experience with a Bachelor’s degree in a related field, or 7 years of relevant experience with a Master’s degree in a related field, or 4 years of relevant experience with a PhD or Juris Doctorate in a related field
- CompTIA Security+ CE certification
- Must possess and maintain a U.S. Secret Security Clearance, with the ability to obtain a Top Secret clearance if required
Preferred Requirements
- Current DISA ACAS Administrator Training certification
- Experience using eMASS
