Cyber Analyst

Position Title: Cyber Analyst

Location: Redstone Arsenal 

Position Type: Full-Time

General Summary:

The Cyber Analyst serves as a critical asset in supporting the Army customer, directly interfacing with government customer, stakeholders, and cross-functional teams. The ideal candidate brings robust expertise in Zero Trust architecture, Identity, Credential, and Access Management (ICAM) principles, Voice modernization initiatives, IPv6 implementation, Windows 11 migration strategies, and Risk Management Framework (RMF) processes tailored to Army and DoD environments. This role requires an understanding of IT/OT best practices, the RMF lifecycle, organizational leadership, a working knowledge of policy development and analysis of laws, directives, and regulations, as well as firsthand experience in Information Technology practices within the Army environment. Additionally, this position demands knowledge and experience in Operational Technology (OT) and Control Systems architecture. The candidate possesses the ability to review, analyze, and interpret assessments from teams like Cyber Protection Teams (CPTs) and Black Start Exercises (BSEs), and present findings to senior leadership in a clear, actionable format. May perform other duties as assigned.

Principal Duties and Responsibilities:

CIO Experience & Strategic Planning:

• Collaborate with senior leadership to align IT/OT and Information Technology strategy with broader organizational goals.
• Collaborate with IT / OT stakeholders and system owners to seamlessly integrate information technology initiatives into IT and OT infrastructure, ensuring alignment with organizational goals and security standards.
• Support and coordinate the planning and implementation of the Army's transition to IPv6, for IT / OT under the organization’s purview.
• Support the Windows 11 migration, developing secure migration roadmaps that minimize operational disruptions for Control Systems in their environment while adhering to DoD standards.
• Lead and support the design, implementation, and optimization of IT/OT strategies to safeguard organizational assets, including IT infrastructure, Operational Technology (OT) systems, applications, and sensitive data.
• Advise stakeholders how to implement, and optimize Zero Trust principles to ensure continuous verification, least-privilege access, and real-time threat mitigation across IT and OT infrastructures.

• Provide guidance and mentorship to junior cyber analysts and staff.

Risk Management & Compliance:

• Consult with system owners to review risk assessments for IT and OT systems, identify vulnerabilities, and provide governance-focused recommendations for mitigation strategies in compliance with RMF and NIST standards.
• Support system owners within the IT / OT community by providing guidance on integrating cybersecurity and IT initiatives into their systems, ensuring compliance with organizational standards and security best practices.
• Demonstrate the ability to manage and execute the full RMF lifecycle for Army and DoD-related systems, including categorization, security controls implementation, risk assessment, and continuous monitoring.
• Work closely with stakeholders to ensure compliance with RMF standards and requirements in accordance with organizational guidelines.

Policy Development & Regulatory Analysis:

• Develop, review, and analyze policies with an emphasis in IT / OT, ensuring alignment with applicable laws, directives, and regulations while addressing the unique information technology and operational requirements of both environments.
• Stay current on evolving legal and regulatory requirements, including DoD and Army-specific standards, and ensure organizational compliance with federal information technology-related laws and directives.
• Develop and support initiatives to integrate Zero Trust, IPv6, and Windows 11 strategies into the Army's Operational Technology and IT environment, ensuring alignment with security objectives.
• Shape the design and inform the implementation of ICAM frameworks to ensure secure identity lifecycle management and access control policies across IT and OT systems.
• Leverage ICAM principles to enhance identity governance, multi-factor authentication (MFA), and role-based access for personnel and systems.
• Ensure alignment of ICAM initiatives from Army policies and DoD directives to the OT environment.

Security Documentation & Reporting:

• Demonstrated ability to assist with developing and maintaining security documentation for all systems under the organization’ s purview, ensuring all artifacts (e.g., SSPs, POA&Ms, C&A packages) are up-to-date and aligned with the Army’s and organizations RMF process.
• Provide clear, concise reports on risk posture to senior leadership.

Incident Response & Mitigation:

• Support and advise system owners in responding to security incidents across IT and OT environments, offering guidance on the development of incident response protocols and procedures.
• Assist with reviewing and analyzing post-event analyses and recommendations to enhance the security posture and resilience across IT and OT environments.
• Develop and refine incident response protocols, incorporating lessons learned into Army-wide cybersecurity practices.

Assessment Analysis & Presentation:

• Analyze assessments and findings from Cyber Protection Teams (CPTs), Black Start Exercises, and other relevant IT/OT assessments.
• Provide a comprehensive analysis of the “so-what” of these assessments, highlighting key takeaways, risks, and recommendations for improvement.
• Present findings in a clear, concise presentation format to senior leadership, ensuring the leadership team is informed and equipped to make strategic decisions based on these analyses.

Collaboration with Cross-Functional Teams:

• Partner with stakeholders and teams to implement IT/OT best practices across all levels of the program.

Required Experience:

• Bachelor's degree in Cybersecurity, Information Technology, or a related field. Master’s degree preferred.
• Experience: Minimum of 8-12 years in IT/OT roles, including at least 3-5 years of experience in a senior role with CIO-level responsibilities.
• Demonstrated experience and working knowledge of the Army’s IT/OT processes and firsthand knowledge in securing Operational Technology (OT) and Control Systems is highly preferred.
• Requires working on-site and travel
• Active Secret Clearance

Preferred Qualifications

• Expertise in Zero Trust frameworks, including micro-segmentation, identity-based access, and continuous monitoring.
• Deep IT/OT understanding of RMF, NIST 800-53, Zero Trust, and cybersecurity principles.
• Expertise in securing IT and OT systems, including SCADA, ICS, and industrial control systems, as well as risk management and compliance assessments.
• Advanced knowledge of ICAM, IPv6 implementation and Windows 11 deployment.
• Policy Development & Regulatory Knowledge:

• • Demonstrated experience in policy development, analysis of laws, directives, and regulations related to IT/OT, particularly in a government or military context.
  • Ability to interpret and apply regulations to both IT and OT operational environments.
  • Proven ability to lead and manage teams, guide strategic decision-making, and communicate effectively with senior leadership and cross-functional teams.

• Skills and Attributes:

• • In-depth knowledge of Army-specific IT/OT standards, RMF application, and security practices.
  • Strong understanding of IT/OT and Information Technology laws, directives, and regulations at the federal and DoD level.
  • Ability to analyze and synthesize complex assessments from CPTs, BSEs, and other similar activities, and translate these into actionable insights.
  • Exceptional presentation and communication skills, capable of translating technical concepts for senior leadership.
  • Strong written and verbal communication skills for technical and non-technical audiences, with experience presenting findings to senior leadership.
  • Ability to work independently and as part of a collaborative team environment.
  • Analytical thinker with the ability to balance operational and security requirements in both IT and OT environments.
  • Exceptional critical thinking skills and an initiative-taking approach to Information Technology threats.
  • Exceptional presentation and communication skills, capable of translating technical concepts for senior leadership.
  • Certifications:
  • Industry certifications such as CISSP, CISM, CISA, or other relevant certifications preferred. Additionally, certifications that demonstrate firsthand Information technology knowledge specific to the Army and OT environments are highly desirable, including:
  • Certified Ethical Hacker (CEH)
  • GIAC Security Essentials (GSEC)
  • Certified SCADA Security Architect (CSSA)
  • Information Technology Infrastructure Library (ITIL)

WORKING CONDITIONS 

Work is performed with little, or no, direct supervision. Work may be performed both indoors and outdoors. May require travel to less-desirable locations. This position may require CONUS and/or OCONUS travel. Work may require being able to lift, carry, or move items up to approximately forty pounds. Work may require climbing on military equipment. Work will be located onsite at a military site. 

ABOUT CINTEL, INC: 

Cintel Inc. is a Small Business providing strategies and services to support an array of Government clients in Software Development, Operational/Tactical and Installation/Facilities Energy, Cyber Security, Modeling and Simulation, Data Science, and Programmatic support. 

We offer our clients nimble, unique, and value focused solutions with an emphasis on people, connectivity, communication, and teamwork. Our team believes that people drive solutions. By connecting people, information, teams, and experience we deliver solutions that respond to customer needs. 

It is the policy of Cintel that all persons are entitled to equal employment opportunity regardless of their race, color, religion, sex (including gender identity, sexual orientation, and pregnancy), national origin, age (40 or older), disability, genetic information, or veteran status. These policies shall ensure that the practice of nondiscrimination will be applied in the employment, promotion, upgrading, demotion, transfer, layoff, termination, recall or rehire of personnel. Equal employment opportunity applies to all terms and conditions of employment, including hiring, placement, promotion, termination, layoff, recall, transfer, leave of absence, compensation, and training. 

Cintel, Inc. expressly prohibits any form of unlawful employee harassment or discrimination based on any of the characteristics mentioned above. Improper interference with the ability of other employees to perform their expected job duties is not tolerated.