Key skills
AWSCloudCyber SecuritySparkGitLabAgileCI/CDRisk ManagementCollaborationCloud Security
About this role
Role Overview
- Serve as the lead cybersecurity analyst on the ATIS Platform Team, ensuring cybersecurity is embedded across the Agile development lifecycle.
- Analyze system architectures, software designs, and platform services to ensure compliance with NIST 800-53, DoD RMF, Army RMF, and applicable STIGs.
- Drive the development and maintenance of system security documentation, including System Security Plans (SSPs), POA&Ms, Security Assessment Reports (SARs), and continuous monitoring artifacts.
- Support the preparation and submission of Authority to Operate (ATO) packages and interface with Information System Security Managers (ISSMs), Authorizing Officials (AOs), and other security stakeholders.
- Extensive experience with eMASS, including conducting security control assessments, performing vulnerability analyses, and implementing threat modeling to identify, monitor, and resolve cybersecurity risks, ultimately enhancing the overall security posture.
- Proficiency in configuring and managing AWS security services, such as AWS Security Hub, CloudTrail, GuardDuty, and AWS Config.
- Assist with the implementation of security automation in CI/CD pipelines and security scans using tools like GitLab, ACAS, Interrogator and AESS.
- Contribute to the development and enforcement of security baselines for cloud infrastructure, containerized environments, and Infrastructure as Code (IaC) tools.
- Track compliance with STIGs for operating systems, containers, and application components; recommend and document deviations or mitigations as appropriate.
Requirements
- Active Secret Security Clearance.
- Bachelor’s degree in Computer Science, Information Systems, Engineering, or related field.
- 5+ years of experience in cybersecurity analysis, information assurance, or cyber risk management.
- Active DoDI 8140 certification (e.g., CISSP, CISM, Security+).
- Hands-on experience of NIST Frameworks, Cloud Share Responsibility Model, FedRAMP and/or CNSSI 1253 control overlays.
- Experience working in Agile or DevSecOps environments with cross-functional development and operations teams.
- Familiarity with cloud security principles (preferably in AWS GovCloud) and securing platform-level components.
- Experience with backlog management and collaboration tools (e.g., Gitlab, Lucid Spark).
Tech Stack
- AWS
- Cloud
- Cyber Security
- Spark