Cybersecurity Analyst

Job Description

Job Description

Position Overview:

The Cybersecurity Analyst III will support the Department of Defense (DoD) Chief Information Officer (CIO) by providing cybersecurity policy, risk management, and governance support to the Information Portfolio Management, Modernization, and Capabilities (PM2C) Council. The analyst will help integrate cybersecurity considerations into IT modernization planning and ensure that new capabilities align with DoD cybersecurity frameworks and risk tolerance thresholds. This mid-level position will contribute to enterprise security posture improvement and support coordination across Components and governance bodies.

Key Responsibilities:

• Support the integration of cybersecurity requirements into modernization strategies, investment planning, and capability assessments.
• Conduct risk and vulnerability assessments for proposed or ongoing IT modernization initiatives.
• Contribute to the development of cybersecurity-related governance documents, policies, and standards in support of PM2C.
• Track implementation of cybersecurity policy guidance across portfolios and assist in identifying areas of non-compliance.
• Participate in working groups and cross-functional forums to advise on risk management, security architecture, and technical mitigation strategies.
• Support preparation of briefings and reports for senior DoD CIO leadership related to cybersecurity posture and strategic initiatives.
• Assist in aligning capability development with DoD cybersecurity standards, including RMF, NIST 800-53, and DoDI 8500.01.
• Maintain awareness of evolving cybersecurity threats and trends relevant to DoD IT systems.

Qualifications:

Required:
• Active Top Secret / SCI (TS/SCI) clearance.
• 5–8 years of experience in cybersecurity, risk management, or information assurance, preferably within a DoD or federal environment.
• Knowledge of DoD cybersecurity frameworks including RMF, NIST SP 800-53, and CNSSI 1253.
• Familiarity with cybersecurity policies, governance structures, and technical assessments.
• Strong analytical skills, with the ability to communicate technical information to both technical and non-technical audiences.

Preferred:
• Bachelor’s degree in Cybersecurity, Information Technology, or related field.
• Industry certifications such as CISSP, CISM, Security+, or equivalent.
• Experience supporting IT portfolio management or modernization planning efforts.
• Understanding of the PM2C Council and its alignment with DoD CIO initiatives.

Clearance Required:

Active Top Secret / SCI (TS/SCI)