Posted today
Secret
Unspecified
IT - Security
Charleston, SC (On/Off-Site)
Cybersecurity Analyst Technical Reviewer
Location: Charleston, SC
Clearance Level: Active Secret Security Clearance
Summary:
The Cybersecurity Analyst Technical Reviewer is responsible for performing Assessment and Authorization (A&A) activities within the Defense Health Agency (DHA) Risk Management Framework (RMF) to ensure Department of War (DoW) Information Technology systems, medical devices, business solutions, and networks obtain and maintain an Authorization to Operate (ATO). This role supports the development and enforcement of cybersecurity policies in alignment with DHA guidelines and ensures compliance across assigned systems.
The selected candidate will serve as the primary point of contact for assigned systems undergoing the RMF process, conducting initial assessments, coordinating meetings, tracking communications, and collaborating with system owners, vendors, DHA leadership, the Risk Management Executive (RME) Division, Risk Management as a Service (RMFaaS), and Integrated Project Team (IPT) leads. Responsibilities include leveraging approved communication channels such as eMASS, Consolidated System Tracking and Reporting (CSTAR), Microsoft applications, and other authorized platforms.
This position supports high-impact cybersecurity efforts, including tool testing, trend analysis, remediation planning, policy development, workflow creation, and implementation planning. The candidate must be capable of identifying root causes, resolving broadly defined problems, and delivering accurate and timely solutions aligned with DoW, DISA, DHA, RME, and RMFaaS guidance.
Services to be performed include, but are not limited to:
• Perform Assessment and Authorization (A&A) activities to support RMF compliance and ATO attainment.
• Conduct initial assessments of DoW systems and provide feedback and guidance throughout the authorization lifecycle.
• Coordinate and facilitate meetings with internal and external stakeholders.
• Regularly utilize eMASS and CSTAR to manage and track system authorization activities.
• Monitor and track progress for assigned systems and update online databases weekly at a minimum.
• Troubleshoot and resolve issues related to cybersecurity tools.
• Create Security Assessment Plans (SAP) for assigned systems.
• Analyze and identify inconsistencies using Control Correlation Identifiers (CCIs), hardware and software inventories, authorization boundaries, and external communication documentation.
• Assist ISSMs, ISSOs, and cybersecurity team members by recommending RMF and CSRMC-related documentation updates.
• Identify and report risks or inefficiencies to the Estimate Team Lead and recommend procedural or operational improvements.
• Recommend and select applicable STIGs and SRGs within defined authorization boundaries.
• Utilize cybersecurity tools such as PCAT, CSTAR, eMASS, and other approved tools.
• Provide remote customer support in accordance with DoW, DISA, DHA, RME, and RMFaaS guidelines.
• Facilitate enterprise tool training sessions and one-on-one customer training when required.
• Provide regular status updates to the Estimate Team Lead and participate in program meetings and working groups.
Required Education and Experience:
• Bachelor of Science degree in Information Technology, Cybersecurity, Business, or related field from an accredited university, or commensurate experience.
• Minimum of three (3) years of experience with complex software systems, including Systems Analysis, Systems Architecture, Systems or Equipment Support, and Test and Evaluation.
• Minimum of two (2) years of experience in Electronics Engineering, Computer Engineering, Computer Science, Management Information Systems, Information Systems, Cybersecurity, cloud solutions, or Information Technology.
• Working knowledge of Facility-Related Control Systems, Platform IT (PIT) Systems, major applications, networks, and other software solutions.
• Experience using eMASS.
• Proficiency with Microsoft Office Suite (Word, Excel, PowerPoint, Visio, Outlook).
• Strong time management skills and ability to manage correspondence and priority scheduling.
• Excellent written and verbal communication skills.
Required Certification(s):
• Security+ Certification.
Preferred Qualifications:
• CASP+, CISSP, or CySA+.
• Experience working with the Defense Information Systems Agency (DISA).
• Experience serving as an ISSM or ISSO.
Clearance Level:
Active Secret Security Clearance (Required)
Benefits at 3 Reasons Consulting:
At 3 Reasons Consulting, we are committed to supporting the well-being of our team with a comprehensive benefits package that includes both company-paid and shared-cost options. Our benefits are designed to enhance your health, financial security, and work-life balance to help you thrive personally and professionally as a valued member of our team.
Company-Paid Benefits:
Short/Long Term Disability
Basic Life Insurance
Direct Payroll Deposit
Leave Accrual
Holidays
401(k) Match
Employee / Company Shared Benefits:
Additional (Voluntary) Life Insurance
401(k)
Medical Coverage
Dental Coverage
Vision Care Plan
Flexible Spending Account Plan
An Equal Opportunity Employer
3 Reasons Consulting is an Equal Opportunity Employer. We are committed to providing a workplace free from discrimination or harassment and hold all employees accountable to protect this mission. We do not discriminate on the basis of race, color, gender, religion, national origin, sexual orientation, age, marital status, veteran status, military status, disability status, or any other characteristic protected by federal, state, or local law. All applicants will receive consideration for employment without regard to protected bases.
Location: Charleston, SC
Clearance Level: Active Secret Security Clearance
Summary:
The Cybersecurity Analyst Technical Reviewer is responsible for performing Assessment and Authorization (A&A) activities within the Defense Health Agency (DHA) Risk Management Framework (RMF) to ensure Department of War (DoW) Information Technology systems, medical devices, business solutions, and networks obtain and maintain an Authorization to Operate (ATO). This role supports the development and enforcement of cybersecurity policies in alignment with DHA guidelines and ensures compliance across assigned systems.
The selected candidate will serve as the primary point of contact for assigned systems undergoing the RMF process, conducting initial assessments, coordinating meetings, tracking communications, and collaborating with system owners, vendors, DHA leadership, the Risk Management Executive (RME) Division, Risk Management as a Service (RMFaaS), and Integrated Project Team (IPT) leads. Responsibilities include leveraging approved communication channels such as eMASS, Consolidated System Tracking and Reporting (CSTAR), Microsoft applications, and other authorized platforms.
This position supports high-impact cybersecurity efforts, including tool testing, trend analysis, remediation planning, policy development, workflow creation, and implementation planning. The candidate must be capable of identifying root causes, resolving broadly defined problems, and delivering accurate and timely solutions aligned with DoW, DISA, DHA, RME, and RMFaaS guidance.
Services to be performed include, but are not limited to:
• Perform Assessment and Authorization (A&A) activities to support RMF compliance and ATO attainment.
• Conduct initial assessments of DoW systems and provide feedback and guidance throughout the authorization lifecycle.
• Coordinate and facilitate meetings with internal and external stakeholders.
• Regularly utilize eMASS and CSTAR to manage and track system authorization activities.
• Monitor and track progress for assigned systems and update online databases weekly at a minimum.
• Troubleshoot and resolve issues related to cybersecurity tools.
• Create Security Assessment Plans (SAP) for assigned systems.
• Analyze and identify inconsistencies using Control Correlation Identifiers (CCIs), hardware and software inventories, authorization boundaries, and external communication documentation.
• Assist ISSMs, ISSOs, and cybersecurity team members by recommending RMF and CSRMC-related documentation updates.
• Identify and report risks or inefficiencies to the Estimate Team Lead and recommend procedural or operational improvements.
• Recommend and select applicable STIGs and SRGs within defined authorization boundaries.
• Utilize cybersecurity tools such as PCAT, CSTAR, eMASS, and other approved tools.
• Provide remote customer support in accordance with DoW, DISA, DHA, RME, and RMFaaS guidelines.
• Facilitate enterprise tool training sessions and one-on-one customer training when required.
• Provide regular status updates to the Estimate Team Lead and participate in program meetings and working groups.
Required Education and Experience:
• Bachelor of Science degree in Information Technology, Cybersecurity, Business, or related field from an accredited university, or commensurate experience.
• Minimum of three (3) years of experience with complex software systems, including Systems Analysis, Systems Architecture, Systems or Equipment Support, and Test and Evaluation.
• Minimum of two (2) years of experience in Electronics Engineering, Computer Engineering, Computer Science, Management Information Systems, Information Systems, Cybersecurity, cloud solutions, or Information Technology.
• Working knowledge of Facility-Related Control Systems, Platform IT (PIT) Systems, major applications, networks, and other software solutions.
• Experience using eMASS.
• Proficiency with Microsoft Office Suite (Word, Excel, PowerPoint, Visio, Outlook).
• Strong time management skills and ability to manage correspondence and priority scheduling.
• Excellent written and verbal communication skills.
Required Certification(s):
• Security+ Certification.
Preferred Qualifications:
• CASP+, CISSP, or CySA+.
• Experience working with the Defense Information Systems Agency (DISA).
• Experience serving as an ISSM or ISSO.
Clearance Level:
Active Secret Security Clearance (Required)
Benefits at 3 Reasons Consulting:
At 3 Reasons Consulting, we are committed to supporting the well-being of our team with a comprehensive benefits package that includes both company-paid and shared-cost options. Our benefits are designed to enhance your health, financial security, and work-life balance to help you thrive personally and professionally as a valued member of our team.
Company-Paid Benefits:
Short/Long Term Disability
Basic Life Insurance
Direct Payroll Deposit
Leave Accrual
Holidays
401(k) Match
Employee / Company Shared Benefits:
Additional (Voluntary) Life Insurance
401(k)
Medical Coverage
Dental Coverage
Vision Care Plan
Flexible Spending Account Plan
An Equal Opportunity Employer
3 Reasons Consulting is an Equal Opportunity Employer. We are committed to providing a workplace free from discrimination or harassment and hold all employees accountable to protect this mission. We do not discriminate on the basis of race, color, gender, religion, national origin, sexual orientation, age, marital status, veteran status, military status, disability status, or any other characteristic protected by federal, state, or local law. All applicants will receive consideration for employment without regard to protected bases.
group id: 91091531
