Cyber Risk Analyst

Onsite in Reston, VATS/SCI clearance is required.The Opportunity:As a Cyber-Risk Analyst on our team, you'll use your experience to work with DoD programs to Client their cyber risks, understand policies, and develop a mitigation plan. You'll get technical, environmental, and personnel details from engineers and SMEs to assess the entire threat landscape. Then, you'll help your team guide your client through a plan of action with presentations, white papers, and milestones. You'll work on translating security concepts for your client so they can make the best decisions to secure their mission critical networks and systems. This is your opportunity to act as an information security subject matter expert while broadening your skills in cybersecurity, security and network tools, systems engineering, and data science.You Have:5+ years of experience working in a professional IT environment3+ years of experience with cybersecurity3+ years of experience with Assessment and Authorization (A&A) in support of DoD and IC programs, including package development, artifact generation, and authority to operate (ATO)Experience with security hardening of Windows and Linux operating systems and security tools, such as ACAS, SCAP, STIG/SRGs, SCC, eMASS/Xacta, ESS, Prisma Cloud, Kubernetes, Rancher, and DockerMust have hands on Xacta experienceExperience generating and maintaining System Security Plans (SSP), Implementation Plans, Privacy Impact Assessments, Security Assessment Plans (SAP), Risk Assessments, Plan of Action and Milestones (POA&M), and other A&A documentationKnowledge of Risk Management Framework (RMF) and the A&A activities needed to obtain and maintain an ATO, including National Institute of Standards and Technology (NIST) and Committee on National Security Systems Instruction (CNSSI), including NIST SP 800-60, NIST SP 800-53, and CNSSI 1253Security+ DoD 8570 Level IINice If You Have:Experience with DoD or IC cybersecurity projects or programsExperience with DevSecOps, Path-to-Production, and CI/CDExperience with Cloud Authorization and Cloud MigrationExperience with administering Red Hat Enterprise Linux or Windows Server 2012 or higherAbility to provide subject matter expertise to system engineering documents, including technical requirements documents, interface control documents, and system specificationsAbility to analyze and communicate complex technical challenges to both technical and non-technical clients and stakeholdersAbility to communicate and integrate between multiple customer stakeholdersBachelor's degreeClearanceApplicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.About Blue SkyBlue Sky Innovative Solutions (Blue Sky) assists its federal, state and local, and commercial clients with solving their toughest challenges in the areas of IT Infrastructure Support and Engineering; Application Development and Maintenance; Program and Project Management; and Management Consulting. Find out more about Blue Sky at . Blue Sky is an equal opportunity employer and recruits mission-oriented, proactive, skilled candidates from across the United States. As an SBA certified HUBZone small business, Blue Sky has a special interest in recruiting and hiring personnel who reside in HUBZones. To determine whether you reside in a HUBZone, visit . All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.