Cyber Risk Analyst

Company Description

The Red Gate Group, founded in 2006, is a Service-Disabled Veteran-Owned Company based in Chantilly, VA. As an SDVOSB, the Red Gate Group has established a reputation for delivering quality multi-tiered services in intelligence analysis, strategic planning, program management, policy development, operational design, and technology integration. RGG delivers high-quality, customer-centric solutions around the world—from the foxhole to the highest levels of Government. Our motto, "Making a Difference for Country and Client," reflects our deep commitment to national security and service excellence. As an employer of choice, we offer comprehensive benefits including flexible time off, 11 paid holidays, immediate 401(k) eligibility with a generous match, and full medical, dental, and vision coverage through Anthem. Our employees enjoy 100% company-paid life insurance and disability benefits, along with professional development assistance for degrees and certifications. We foster a culture of growth and work-life balance, backed by our commitment to supporting both our clients' missions and our employees' success. Join our team and be part of an organization that values both service excellence and employee wellbeing.

Job Description

The Red Gate Group is seeking a Cyber Risk Analyst to support the Defense Threat Reduction Agency (DTRA) in Reston, VA. In this role, you will serve as a trusted cybersecurity advisor, helping DoD and Intelligence Community programs cut through the noise of evolving cyber threats. By assessing risks, developing mitigation strategies, and guiding clients through the Risk Management Framework (RMF), you’ll ensure mission-critical networks and systems remain secure.

You will collaborate with engineers, SMEs, and stakeholders to evaluate technical, environmental, and personnel vulnerabilities, then translate those insights into actionable security recommendations. From developing authorization packages to delivering briefings and white papers, you will shape cyber risk strategies that protect national security. This role is an opportunity to deepen your expertise in cybersecurity while making an immediate impact on one of the nation’s most vital missions.

Key Responsibilities:

• Assess cybersecurity risks for DoD and IC programs, aligning findings with applicable policies and standards.
• Lead and support Assessment and Authorization (A&A) activities, including package development, artifact generation, and obtaining Authority to Operate (ATO).
• Conduct system security hardening of Windows and Linux operating systems using tools such as ACAS, SCAP, STIG/SRGs, SCC, eMASS/Xacta, ESS, Prisma Cloud, Kubernetes, Rancher, and Docker.
• Develop and maintain security documentation, including System Security Plans (SSPs), Security Assessment Plans (SAPs), Privacy Impact Assessments, POA&Ms, and risk assessments.
• Guide clients through the RMF lifecycle, ensuring compliance with NIST and CNSSI standards.
• Present findings and recommendations to leadership through white papers, briefings, and milestone reports.
• Collaborate with multidisciplinary teams to integrate security into system engineering and acquisition processes.
  
  

Qualifications

• Active TS/SCI clearance.
• 5+ years of experience working in a professional IT environment.
• 3+ years of experience in cybersecurity.
• 3+ years of experience with Assessment and Authorization (A&A) for DoD/IC programs.
• Experience with security hardening of Windows and Linux systems and security tools (ACAS, SCAP, STIG/SRGs, SCC, eMASS/Xacta, ESS, Prisma Cloud, Kubernetes, Rancher, Docker).
• Experience generating and maintaining A&A documentation (SSPs, SAPs, POA&Ms, risk assessments, etc.).
• Knowledge of RMF processes and associated standards, including NIST SP 800-53, NIST SP 800-60, and CNSSI 1253.
• IAT Level II certification (e.g., Security+).
  
  

Desired Qualifications:

• Experience supporting DoD or IC cybersecurity programs.
• Experience with DevSecOps, CI/CD, and Path-to-Production.
• Experience with Cloud Authorization and Cloud Migration.
• Experience administering Red Hat Enterprise Linux or Windows Server 2012+.
• Ability to provide input to system engineering documents (TRDs, ICDs, specifications).
• Strong communication skills, with the ability to explain technical issues to both technical and non-technical audiences.
• Bachelor’s degree in a related field.
  
  

Additional Information

The Red Gate Group, Ltd. is an Equal Opportunity/Affirmative Action Employer. The Red Gate Group, Ltd. considers applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law. Know Your Rights