Cyber Analyst

General Atomics Integrated Intelligence, Inc. (GA Intelligence), an affiliate of General Atomics, was founded in 1989. It provides custom software development and innovative information engineering solutions to customers in government and private industry. We build and develop best-in-class all domain and globally focused situational awareness capabilities that process petabytes of data from numerous streaming data sources in near real time. Our systems apply state-of-the-art algorithms and machine learning techniques to extract features and fuse data from multiple phenomenologies to form a rich live view of objects in the sky, on the sea, and on the ground. These analytics are designed to determine not just where something is, but what it is, where it's been and what it's doing. All of this "data to knowledge" is made available to end users in our own browser-based application for visualization, analysis, and understanding. We always want to do more, and that's where you come in!
GA-Intelligence is looking for an experienced Cyber Analyst, preferably with a Top Secret/SCI clearance to work in our Charlottesville, Virginia office. The position will be responsible for ensuring cybersecurity compliance, conducting security assessments, and supporting security governance activities utilizing industry best practices.

DUTIES & RESPONSIBILITIES:

• Maintains comprehensive understanding of CMMC requirements and DFARS 7012 (NIST SP 800-171) controls; monitors and assesses organizational compliance with applicable cybersecurity frameworks.
• Conducts regular security control assessments to verify implementation and effectiveness; performs security control testing and validation activities.
• Reviews security logs, alerts, and reports to identify potential compliance issues; creates comprehensive queries and reports to extract security-relevant information for compliance reporting.
• Monitors vulnerability management activities and ensures timely remediation in accordance with compliance requirements; tracks and reports on security metrics and key performance indicators.
• Identifies, assesses, and documents cybersecurity risks to systems handling CUI; develops and maintains risk registers and supports Risk Management Framework (RMF) processes.
• Supports Information Assurance (IA) activities for classified systems, including security control monitoring, documentation review, and compliance verification in accordance with ICD 503, CNSSI, and applicable Intelligence Community Directives.
• Coordinates and supports CMMC assessments and audits, including preparation of required documentation such as System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), and security control implementation evidence.
• Develops, reviews, and maintains cybersecurity policies, procedures, and standards aligned with CMMC and DFARS requirements; communicates compliance requirements and status to technical and non-technical stakeholders; supports contract teams with cybersecurity compliance questions and documentation.
• Supports CMMC and DFARS compliance activities as part of a multi-person team; coordinates with IT teams and interfaces with external auditors, assessors, and government representatives.
• Maintains the strict confidentiality of sensitive information.
• Performs other duties as assigned.

We recognize and appreciate the value and contributions of individuals with diverse backgrounds and experiences and welcome all qualified individuals to apply.

Job Qualifications

• Typically requires a bachelor's degree in related field and five or more years of professional computer system security experience or related field.
• Equivalent professional experience may be substituted in lieu of education.
• Must demonstrate a complete understanding of computer system security principles, concepts, practices and techniques.
• Must have experience organizing, planning scheduling, conducting, and managing work assignments to meet project milestones or established completion dates.
• Must possess the ability to understand new concepts quickly and apply them in an evolving environment while contributing to the development of new processes.
• Must be customer focused and possess:
  • the ability to identify issues, analyze and interpret data and develop solutions to a variety of complex issues;
  • strong analytical skills, verbal and written communication skills to accurately document, report and present findings;
  • strong interpersonal skills and ability to interface with other professionals; and
  • strong computer skills.
• Ability to work both independently and in a team environment is essential as is the ability to work extended hours as required.
• Ability to obtain and maintain DoD security clearance required.

PREFERRED SKILLS AND QUALIFICATIONS:

• Experience supporting DoD contracts and working with Controlled Unclassified Information (CUI)
• Experience conducting or supporting security audits and assessments
• Familiarity with FedRAMP, NIST SP 800-171, NIST SP 800-53, or other government compliance frameworks
• Experience with GRC (Governance, Risk, and Compliance) platforms
• Knowledge of supply chain risk management requirements (e.g., NIST SP 800-161)
• Experience with SIEM tools, vulnerability scanners, and other cybersecurity monitoring platforms
• Additional relevant certifications (e.g., CISSP, CCP, CCA, CISA, CRISC, Sec+ certifications)
• Understanding of cloud security principles and compliance in government cloud environments
• Experience with classified system security requirements (e.g., ICD 503, CNSSI 1253, JSIG)
• Familiarity with Intelligence Community security policies and directives
• Experience supporting DIACAP, RMF, or other authorization processes for classified systems