Cybersecurity Analyst in Cornholme

Trace Systems is seeking a Cybersecurity Analyst to support the Norfolk Naval Shipyard CIO department (Code 109). The associated network capabilities directly support Navy Fleet readiness, including fleet logistics, maintenance, ship industrial production, engineering, supply, legal, readiness, planning, hurricane disaster preparedness, worldwide base support, readiness reporting, and homeland security.

Duties And Responsibilities

• Support the revision of the entire end‑to‑end Assessment and Authorization (A&A) process.
• Provide support for inspections and audits conducted at NNSY.
• Review A&A package submissions to ensure that system and network architectures, technical and non‑technical operating features adequately protect against unauthorized access, ensure system availability, and meet DoD/Navy Cyber Security (CS) implementation policy requirements and data protection safeguards.
• Conduct CS compliance and A&A documentation validation assessments for legacy applications, systems and networks.
• Develop or expand existing A&A and CS documentation to ensure complete documentation exists in accordance with DoD A&A and IA/CS policy.
• Perform Cyber Compliance (CC) risk assessments, evaluate system risks and provide written risk assessment reports, including overall risk analysis reviews and recommendations to the Navy Authorizing Official (NAO) and Functional Authorizing Official (FAO).
• Respond to feedback from the NAO and FAO in the form of comments and instructions to ensure coordination of efforts and correct errors, information omissions and shortfalls in A&A documentation packages.
• Communicate feedback to customers, coordinate corrections, collect responses and validate prior to forwarding for processing.
• Develop procedures to support A&A workflow processes and criteria needed to facilitate authorization decisions and NAO/FAO authorization milestones.
• Streamline A&A package efforts based on RMF status and complexity, unless operational requirements necessitate a waiver from the NNSY Package Submission Office (PSO).
• Support Cyber Security readiness reporting, assess the cyber security posture and identify trends and processes potentially dangerous to network security.
• Verify Information Assurance (IA) and CS data for units reported via databases such as eMASS, VRAM, CMRS‑N and DADMS.
• Compile and analyze data and develop a weekly/monthly CS Dashboard for NNSY leadership review.
• Communicate feedback to the NNSY CIO about CS vulnerabilities to the DODIN and coordinate corrections, collect responses and validate reporting.
• Provide support in drafting NNSY CIO strategies, plans, policies and procedures.
• Assist with Assured Compliance Assessment System (ACAS) scans.
• Ensure audit artifacts are accurate, complete and accessible, including evidence of continuous monitoring, patch management, user account management and vulnerability remediation efforts.
• Coordinate with ISSMs, ISSOs and system owners to validate systems compliance with the Risk Management Framework (RMF) requirements and audit readiness standards.
• Track and report the status of audit findings and ensure findings are assigned to responsible stakeholders, properly documented in the Plan of Action and Milestones (POA&Ms) and resolved within designated timelines.

Minimum Qualifications

• Active, in‑scope US Government issued Top Secret clearance.
• US Citizenship is required.
• Minimum of four (4) years of experience in CS analysis supporting cyber metrics analysis, incident response, mitigation, risk mitigation analysis and developing contingency plans.
• Examples of relevant experience include:

• CS / INFOSEC concepts and requirements.
• System / network vulnerability analysis.
• Risk assessment and risk mitigation analysis.
• Security Test and Evaluation (ST&E).
• Contingency planning.
• Firewall policy.
• Ports & protocol configuration.
• Vulnerability Remediation Asset Management (VRAM) activities.
• Uploading vulnerability scans as baseline system configuration in VRAM.
• Experience with cyber applications such as ACAS, HBSS, MDE, MDI, Splunk.

Education

• Bachelor’s degree in an IT related discipline or Level II Certification (Security+ or better) and a minimum of four (4) years of experience in CS analysis supporting cyber metrics analysis, incident response, mitigation, risk mitigation analysis and developing contingency plans.

To Apply

We invite you to put your talents to work by joining a growing team of dynamic professionals here at Trace Systems! Be part of a culture at our leading‑edge company where you can achieve great things while fostering a satisfying and rewarding career progression. To learn more about our current openings, text ‘tracejobs’ to 97211 or apply directly through our website at: www.tracesystems.com. Trace Systems is an equal opportunity employer. Qualified candidates will be considered without regard to legally protected characteristics.