Cyber Security Analyst

About Engility:

Engility delivers innovative solutions to critical challenges facing the nation and the world. As a premier provider of integrated services for the U.S. government, we support the Department of Defense, intelligence community, space communities, federal civilian agencies and international customers. Engility is dedicated to making lives better, safer and more secure.


  • Participate in Assessment and Authorization activities in accordance with ICD 503 and the Risk Management Framework (implemented via the JSIG/DJSIG), DoD Instruction 8510.01, DCID 6/3, JAFAN 6/3, and NISPOM Chapter 8;
  • Develop and review Information System Body of Evidence documents, including the System Security Plan (SSP), Security Control Traceability Matrix (SCTM), Risk Assessment Reports (RAR) and provide Authorization/Approval recommendations (including creation of the Security Assessment Report (SAR), Plan of Actions and Milestones (POA&M), and Authority to Operate (ATO);
  • Analyze Threats and Vulnerabilities, and provide Risk Mitigation and Acceptance recommendations;
  • Review, comment, and recommend changes or amplification to DoD and DARPA policies or procedures;
  • Participate in the Configuration Control Board (CCB) process, evaluate IA products and provide written recommendations as to the security implications and usefulness for the DARPA mission;
  • Develop, implement and evaluate, Information System security program policy incorporating special emphasis on integration of existing SAP and SCI network infrastructures;
  • Establish, schedule, and perform network security analysis for DARPA systems and advise DARPA SAPCO on IT Assessment issues revealed;
  • Perform IA risk assessments and provide recommendations to SAPCO;
  • Evaluate IT vulnerabilities to assess whether additional safeguards are prudent; ensure that Assessment, as appropriate, is accomplished for each information system;
  • Conduct Trusted Downloads and data transfers using Document Detective;
  • Perform computer forensics using Encase;
  • Develop and maintain formal, written, Information Systems Security Program Standard Operating Procedures (SOP);
  • Conduct Assessment tests to include verification that the features and assurances are functional and support all Security Categorizations and Overlays;
  • Ensure that Assessments are accomplished on each IS and maintain a repository for all system Assessment and Authorization documentation and modifications;
  • Participate in IS security inspections, tests, reviews, and self-inspections;
  • Prepare policies and procedures for responding to security incidents, and for investigating and reporting security violations and incidents;
  • Assist with inquiries and investigations of possible security incidents and ensure proper protection or corrective measures have been taken when an incident or vulnerability has been discovered within a system;
  • Perform system audits on multiple systems; work closely with system administrators and ensure current security measures are sufficient and in compliance with approved policies and processes;

Required Qualifications:

  • BS/8 or MS/4 with CISSP certification
  • Knowledge of Information Assurance Policy and Guidance
  • Experience with Special Access Programs/SCI
  • Knowledge of Information System Security Plans and/or System Security Authorization Artifacts
  • Knowledge of Assessment and Authorization activities in accordance with ICD 503, the Risk Management Framework (JSIG/DJSIG), DoD instruction 8510.01, DCID 6/3, JAFAN 6/3, and NISPOM Chapter 8

Desired Qualifications:

  • Ability to use Microsoft Suite
  • Effective oral and written communication skills, excellent interpersonal skills, and computer literacy
  • Strong analytical and problem solving skills
  • Superior verbal/written skills and presentation skills


. . . . . . . .

Leave a Reply