Job Details

Senior Cyber Security Analyst - NQV (Norfolk, New Orleans or Charlesto

Main Sail, LLC
Norfolk, Virginia, United States

Senior Cyber Security Analyst - NQV II - III

*** United States citizenship required per government contract. (dual citizenship is not permitted). A completed United States DOD clearance investigation and current, active eligibility is required to perform on this contract, and therefore is required to be considered for a position.***

Location: Any of the these locations - New Orleans, LA | Norfolk, VA | Charleston, SC (Remote to Start)

Period of Performance: ASAP - May 2022 (multi-year contract with options)

Main Sail has an immediate opening for a Senior Cyber Security Analyst - NQV to provide cyber security support to the Enterprise Systems and Services (E2S). E2S, also known as PMW 250, develops and implements reliable, efficient and secure business information technology (IT) solutions. Established in early 2017, E2S supports a wide array of Navy, Marine Corps and other DoD customers. The ideal candidate will have experience with Navy eMASS and doing RMF packages (Cloud experience preferred); is very detailed oriented with strong written and oral communication skills; and excels with proper handling and protection of sensitive information, etc.


  • Ensures the completion of programs, projects or tasks within estimated timeframes and budget constraints; ensures that the quality of the program, project or task deliverable meets the established standards or metrics
  • Provides Cyber Security guidance and documentation throughout the system development life cycle
  • Provides Cyber Security guidance at meetings, briefings and design reviews and during system development in accordance with prevailing Cyber regulations and policies
  • Supports the PM, SCA, ISSM, and ISSE throughout all phases of the security authorization process
  • Performs system security reviews for Assessment and Authorization (A&A)
  • Assists with development and tracking of the POA&M in eMASS
  • Supports RMF Checkpoint and Collaboration meetings
  • Assists with the System Categorization and consults on the SLCM Strategy
  • Develops the Security Plan, Security Assessment Plan, Security Assessment Report, and Executive Summaries
  • Ensures the completion of cyber related programs, projects, or tasks within estimated timeframes and budget constraints
  • Provides Cybersecurity guidance at meetings, briefings and design reviews, and during system development in accordance with prevailing Cyber regulations and policies
  • Ensures Cybersecurity system designs that properly mitigate identified threats and vulnerabilities
  • Reviews and approves test and evaluation activities to validate those threats and vulnerabilities are mitigated
  • Conducts A&A process for IT systems and networks in accordance with the DoN Risk Management Framework process
  • Report package status and risks weekly to senior level government leadership


  • Minimum 5+ years of experience in Certification and Accreditation (C&A) or Assessment and Authorization (A&A)
  • Approved Navy Qualified Validator (NQV) Level III
  • Expert knowledge of Risk Management Framework (RMF) at the ISSE/NQV level
  • Expert knowledge of eMASS at the ISSE/NQV level
  • BS Degree in Cyber Security/Engineering field (e.g., Computer, Electrical, Mechanical, Systems, Security)
  • Minimum 3+ years' experience with independently performing validator activities defined in the Navy RMF process guide and applying RMF guidance to Navy or DoD A&A efforts
  • Experience with test and evaluation for allocating assigned security controls into assessment objectives and procedures, developing and executing Security Assessment Plans (SAP)
  • Expert knowledge and experience with using the DoD Assured Compliance Assessment Solution (ACAS) suite of tools
  • Expert knowledge and experience with vulnerability assessment scanning tools and reporting, intrusion detection technologies, intrusion prevention technologies, and host-based security system (HBSS)
  • Expert knowledge of DoD published Security Technical Information Guidance (STIG) requirements and implementation or compliance process
  • Firm understanding of DISA CAL boundaries and experience coordinating with the PPSM team to register ports not registered within the latest DISA's CAL boundary list
  • Firm understanding of sensitive data types and cybersecurity protections associated with that data (e.g., PII, PHI, etc.)
  • Firm knowledge of cloud technology concepts and their relationship with Navy RMF/eMASS
  • Ability to think independently with minimal oversight, as well as demonstrate exceptional written and oral communications skills
  • Exemplary customer/client management skills and techniques

Erin Gatewood

Main Sail, LLC

- provided by Dice

Send application

Mail this job to me so I can apply later

Apply With CV

You are not logged in. If you have an account, log in to your account. If you do not have an account, why not sign up? It only takes a minute!

latest videos

Upcoming Events