About the roleConcept Plus is seeking a highly capable, self-driven Cyber Analyst to support a critical software modernization initiative for our client. This position plays a key role in analyzing mission-focused requirements, streamlining processes, and enhancing decision-making for operations.
As the strategic link between operational objectives and technology solutions, the Cyber Analyst will translate complex business needs into actionable insights and support the successful execution of priorities while ensuring alignment with client compliance standards.
This role operates within a collaborative Agile and DevSecOps framework to ensure secure, timely, and iterative delivery of capabilities. The ideal candidate thrives in a fast-paced, evolving environment and brings a deep understanding of both business processes and technological integration.
What you'll do- Lead and maintain the full RMF/ATO lifecycle, managing security authorization packages and updating SSPs, POA&Ms, risk assessments, and continuous monitoring artifacts.
- Ensure system confidentiality, integrity, and availability through compliance with NIST 800-53, DoDI 8500.01, DoDI 8510.01, and related DoD cybersecurity policies.
- Support Agile/DevSecOps deployments, integrating cybersecurity requirements into sprints, CI/CD pipelines, release schedules, and system design reviews.
- Perform vulnerability scanning, assessment, and remediation-using Nessus, eMASS, SonarQube, Checkmarx, Trivy, Dependency Track-and ensure compliance with DISA STIGs.
- Perform cloud focused vulnerability scanning, assessment, and remediation using Nessus, eMASS, SonarQube, Checkmarx ensuring compliance with cloud security baselines.
- Provide security engineering support, including secure architecture input, SSO/SSL integration, secure configuration guidance, and API/cloud security reinforcement.
- Collaborate with technical teams, ISSMs, and AO representatives to support audits, inspections, security reviews, and risk mitigation activities.
- Track, report, and respond to cybersecurity incidents, ensuring timely coordination and recovery actions.
- Develop and maintain key cybersecurity documentation, including ISAs, MOAs, SoD matrices, architecture diagrams, and application/database security artifacts.
- Monitor project progress and deliver clear, actionable cybersecurity reports and risk insights to leadership and government stakeholders.
- Communicate effectively with internal teams, customers, and stakeholders in a clear, concise, and professional manner.
Required Qualifications- US Citizen
- Ability to obtain and/or maintain a government clearance.
- Bachelor's Degree in an IT related field
- CISSP Certification (IAT Level 3 Certification)
- 8+ years of experience as Cyber Analyst
- 5+ years' experience with ATO procurement in Cloud Environment
- 5+ years in DoD Environment
- 5+ Years Experience with the Risk Management Framework Process
- 5+ Years Experience operating the Enterprise Mission Assurance Support Service Application (eMASS)
Preferred Qualifications- DOD/Government contracting experience, Government IT systems experience.
- Able to work independently and report to a blended Cyber Team ISSM
- Good documentation skills
- Confident communicator with excellent verbal and written skills
