Posted today
Top Secret/SCI
$130,000 - $140,000
Unspecified
IT - Security
Wiesbaden, Germany (On-Site/Office)
Cybersecurity Analyst (RMF Authorization)
| Full-Time | Wiesbaden, Germany | Top Secret/SCI Clearance
The Cybersecurity Analyst (RMF Authorization) plays a critical role in safeguarding mission systems through Risk Management Framework (RMF) implementation and sustainment. This position leads efforts to secure and maintain Authority to Operate (ATO) for both enterprise and mission enclave systems. As part of the J62 Cybersecurity Division, this role is responsible for RMF documentation, POA&M tracking and closure, STIG compliance, vulnerability remediation, account management across multiple enclaves, and stakeholder coordination with USAREUR-AF, USAFE, and higher headquarters.
Responsibilities
Develop, maintain, and submit RMF packages in accordance with DoDI 8510.01 and NIST SP 800-37 for SAGNet, DUNC, and other mission systems.
Coordinate with Authorizing Officials (AOs), ISSM, and ISSOs to maintain ATO status, including tracking and resolving the SAGNet eMASS ATO decommission issue with USAREUR-AF G6 CSD and NETCOM.
Write, complete, and close POA&Ms, creating answer files for future use and maintaining compliance documentation for all open findings.
Collect artifacts and develop/refine System Security Plans (SSP), Risk Assessment Reports (RAR), Security Assessment Reports (SAR), COOP/DRP, and SOPs to ensure compliance with NIST SP 800-53 and CNSSI 1253.
Apply DISA STIGs to mission systems and coordinate with Systems Administrators and Network Engineers on STIG completion for ATO packages.
Process account paperwork and manage user accounts across NIPR, SIPR, SIPR/REL, SAGNet, BICES, JWICS, Crackle, and POP enclaves, tracking weekly account creation metrics.
Support monthly continuous monitoring updates, control reviews, and artifact validation in eMASS.
Participate in Timeline/Glide Path meetings and coordinate ATO package milestone completion with EUCOM, USAFE and USAREUR-AF stakeholders.
Perform vulnerability scanning; generate Evaluation Risk Reports and scorecards.
Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.
Provide RMF input for new IT initiatives, infrastructure changes, and enclave build-outs including DUNC CSSP integration.
Requirements
Education
Bachelor's Degree in Computer Science, Information Security, or related technical discipline; or equivalent combination of education, professional training, and work experience
Experience
8-10 years of related experience in data security administration; 2+ years direct C&A/A&A experience
Technical Skills
Deep understanding of NIST 800-53 controls, DoDI 8510.01, and the full RMF lifecycle
Familiarity with DISA STIGs, IAVA management, and vulnerability scanning tools such as ACAS (Tenable.sc)
Experience with eMASS workflows, POA&M management, and ATO sustainment procedures
Experience developing SSP, RAR, SAR, and supporting RMF documentation packages
Proficiency with account management across multiple classification enclaves
Understanding of network devices (routers, switches) and their security configurations
Role Requirements
Proven ability to coordinate across technical and security teams and with higher headquarters (USAREUR-AF, USAFE, NETCOM)
Excellent written communication and documentation skills for compliance artifacts
Familiarity with enclave-level cyber posture and mission system security integration
Ability to work both independently and as part of a collaborative cyber compliance team
Ability to track and report cybersecurity metrics including account processing volumes and POA&M status
Certifications
Required: IAM Level III (CISSP, CISM, or GSLC); ITIL Foundation required within 90 days of hire
Preferred: Cisco CCNA Cyber Ops, VMware, SPLUNK, ISACA CCAK, ISC2 CCSP, or Cloud Certification (Google/Amazon/Microsoft)
Clearance and Citizenship
Clearance: TS/SCI
Citizenship: U.S. Citizenship required
Must be approved for German TESA.
Preferred Qualifications
Experience supporting RMF for tactical or coalition mission systems
Knowledge of eMASS workflows and ATO approval process, including handling decommissioned packages
Experience with SPLUNK and VMware in a cybersecurity monitoring context
Experience with networking devices such as routers and switches
Physical Requirements
This position may require occasional physical activity such as lifting equipment, bending/crouching to troubleshoot, and extended periods of sitting.
Job Types: Full-Time
Salary: $130k-$140k + LQA
Schedule: Monday-Friday
Benefits:
• 401(k) matching
• Full Medical
• Paid time off
• Professional development assistance
STEELGATE LLC is a Service-Disabled, Veteran-Owned Small Business (SDVOSB) that prides itself in hiring top-level Subject Matter Experts (SME's) proven to exceed deliverable expectations. STEELGATE LLC is focused on solving the hard problems facing our government and commercial clients. Our success lies in blending together relevant domain/functional knowledge with deep expertise in Information Technology, Cybersecurity, Defensive Cyber Operations, cloud-based DevSecOps, Data Analytics & AI, Acquisition and Acquisition Management, and more. STEELGATE LLC has a positive, inclusive workplace environment where all team members and partners work towards mutual success. We have established a reliable reach-back program whereas all SMEs are available to support, advise and directly complete mission deliverables when necessary. STEELGATE LLC has a worldwide reputation as a valued and trustworthy partner. Our can-do attitude and willingness to support any mission requirement sets us apart from other small business organizations. Find out more about STEELGATE LLC @ www.steelgatellc.com.
We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law.
| Full-Time | Wiesbaden, Germany | Top Secret/SCI Clearance
The Cybersecurity Analyst (RMF Authorization) plays a critical role in safeguarding mission systems through Risk Management Framework (RMF) implementation and sustainment. This position leads efforts to secure and maintain Authority to Operate (ATO) for both enterprise and mission enclave systems. As part of the J62 Cybersecurity Division, this role is responsible for RMF documentation, POA&M tracking and closure, STIG compliance, vulnerability remediation, account management across multiple enclaves, and stakeholder coordination with USAREUR-AF, USAFE, and higher headquarters.
Responsibilities
Develop, maintain, and submit RMF packages in accordance with DoDI 8510.01 and NIST SP 800-37 for SAGNet, DUNC, and other mission systems.
Coordinate with Authorizing Officials (AOs), ISSM, and ISSOs to maintain ATO status, including tracking and resolving the SAGNet eMASS ATO decommission issue with USAREUR-AF G6 CSD and NETCOM.
Write, complete, and close POA&Ms, creating answer files for future use and maintaining compliance documentation for all open findings.
Collect artifacts and develop/refine System Security Plans (SSP), Risk Assessment Reports (RAR), Security Assessment Reports (SAR), COOP/DRP, and SOPs to ensure compliance with NIST SP 800-53 and CNSSI 1253.
Apply DISA STIGs to mission systems and coordinate with Systems Administrators and Network Engineers on STIG completion for ATO packages.
Process account paperwork and manage user accounts across NIPR, SIPR, SIPR/REL, SAGNet, BICES, JWICS, Crackle, and POP enclaves, tracking weekly account creation metrics.
Support monthly continuous monitoring updates, control reviews, and artifact validation in eMASS.
Participate in Timeline/Glide Path meetings and coordinate ATO package milestone completion with EUCOM, USAFE and USAREUR-AF stakeholders.
Perform vulnerability scanning; generate Evaluation Risk Reports and scorecards.
Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.
Provide RMF input for new IT initiatives, infrastructure changes, and enclave build-outs including DUNC CSSP integration.
Requirements
Education
Bachelor's Degree in Computer Science, Information Security, or related technical discipline; or equivalent combination of education, professional training, and work experience
Experience
8-10 years of related experience in data security administration; 2+ years direct C&A/A&A experience
Technical Skills
Deep understanding of NIST 800-53 controls, DoDI 8510.01, and the full RMF lifecycle
Familiarity with DISA STIGs, IAVA management, and vulnerability scanning tools such as ACAS (Tenable.sc)
Experience with eMASS workflows, POA&M management, and ATO sustainment procedures
Experience developing SSP, RAR, SAR, and supporting RMF documentation packages
Proficiency with account management across multiple classification enclaves
Understanding of network devices (routers, switches) and their security configurations
Role Requirements
Proven ability to coordinate across technical and security teams and with higher headquarters (USAREUR-AF, USAFE, NETCOM)
Excellent written communication and documentation skills for compliance artifacts
Familiarity with enclave-level cyber posture and mission system security integration
Ability to work both independently and as part of a collaborative cyber compliance team
Ability to track and report cybersecurity metrics including account processing volumes and POA&M status
Certifications
Required: IAM Level III (CISSP, CISM, or GSLC); ITIL Foundation required within 90 days of hire
Preferred: Cisco CCNA Cyber Ops, VMware, SPLUNK, ISACA CCAK, ISC2 CCSP, or Cloud Certification (Google/Amazon/Microsoft)
Clearance and Citizenship
Clearance: TS/SCI
Citizenship: U.S. Citizenship required
Must be approved for German TESA.
Preferred Qualifications
Experience supporting RMF for tactical or coalition mission systems
Knowledge of eMASS workflows and ATO approval process, including handling decommissioned packages
Experience with SPLUNK and VMware in a cybersecurity monitoring context
Experience with networking devices such as routers and switches
Physical Requirements
This position may require occasional physical activity such as lifting equipment, bending/crouching to troubleshoot, and extended periods of sitting.
Job Types: Full-Time
Salary: $130k-$140k + LQA
Schedule: Monday-Friday
Benefits:
• 401(k) matching
• Full Medical
• Paid time off
• Professional development assistance
STEELGATE LLC is a Service-Disabled, Veteran-Owned Small Business (SDVOSB) that prides itself in hiring top-level Subject Matter Experts (SME's) proven to exceed deliverable expectations. STEELGATE LLC is focused on solving the hard problems facing our government and commercial clients. Our success lies in blending together relevant domain/functional knowledge with deep expertise in Information Technology, Cybersecurity, Defensive Cyber Operations, cloud-based DevSecOps, Data Analytics & AI, Acquisition and Acquisition Management, and more. STEELGATE LLC has a positive, inclusive workplace environment where all team members and partners work towards mutual success. We have established a reliable reach-back program whereas all SMEs are available to support, advise and directly complete mission deliverables when necessary. STEELGATE LLC has a worldwide reputation as a valued and trustworthy partner. Our can-do attitude and willingness to support any mission requirement sets us apart from other small business organizations. Find out more about STEELGATE LLC @ www.steelgatellc.com.
We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law.
group id: 91133289
N
