top of page

Junior Cybersecurity Analyst

Job ID: S001 (multiple positions)

Location: Northern Virginia

Clearance: Top Secret Clearance Required.

About Special Aerospace Security Services:

Started in 1988, Special Aerospace Security Services (SASSI) is a Woman Owned Small Business (WOSB) focused on delivering national security mission solutions to the U.S. Government in support of their vital role in protecting the United States of America. Known for highly interactive training provided by nationally recognized security experts from a wide variety of different security disciplines. SASSI has three operating Divisions that cover all aspects of security services: Integrated Security Solutions (ISS), Health Security Services (HSS), and the National Security Training Institute (NSTI). Our areas of expertise include: Personnel, Physical, Cyber, and Health Security, including Management Consulting, Risk Management, Emergency Preparedness and Response, and Working Dog Health and Wellness Support.

Job Summary:

Provide cybersecurity support services to assist our clients with their cyber security activities. Provide research and analysis on a broad range of cybersecurity topics and prepare technical documentation to support team assessment of risk and prepare recommendations to our client on risk to the organization. A qualified candidate will be responsible for the following primary duties and responsibilities, but are not limited to:

  • Participate in a team helping to document processes, and procedures to protect highly confidential data

  • Research and analyze the specific requirements associated with National Institute of Standards and Technology (NIST) to assist the team with plans to satisfy each requirement

  • Attend strategy meetings and capture key notes, action items, and next steps

  • Assist Team Lead in the development of executive briefings and project milestone reports

Duties will include but are not limited to:

Provide Cybersecurity Governance, Risk, and Compliance (GRC) services to assist our clients with planning, implementing, and maturing their cybersecurity program activities in alignment with the Cybersecurity Framework. A qualified candidate will be responsible for the following primary duties and responsibilities, but are not limited to:

  • Assist with the development of policy documents using online research methods and an understanding of basic cybersecurity concepts.

  • Assist with the generation of metrics to depict compliance data in charts and graphs using MS Excel

  • Perform as part of a larger team in the documentation of organizational risk assessments through review of system architecture diagrams, vulnerability reports, and a basic understanding of common threat vectors (e.g. phishing, zero-day vulnerabilities)

  • Participate in the design of a Cybersecurity Awareness & Outreach Program, complete with branding materials, a communication strategy and creative development of awareness products to create a “cyber aware” culture.

Required Qualifications:

  • 2+ years of experience developing or assisting clients with the implementation of cybersecurity policy and regulatory compliance

  • 1+ years of experience supporting the Assessment and Authorization (A&A) process, in accordance with NIST Risk Management Framework (RMF)

  • 1+ years of experience generating, analyzing, and reporting data using Microsoft Excel

  • Experience writing business process documentation, whitepapers, or technical reports

  • Experience reviewing or developing system architecture diagrams

  • Possession of excellent oral and written communication skills

  • B.A. or B.S. degree in Information Technology (IT) related field (may be waived for equivalent experience)

Desired Qualifications:

  • Experience with Microsoft Azure and AWS

  • A professional security certification such as Security+ (alternative certifications will be considered)

  • Experience with Tableau, Splunk, or Power BI for data analytics

  • Experience generating RMF A&A Packages

  • Experience with government organizations (e.g., DoD)

  • Experience analyzing the security responsibilities of cloud service providers (CSP).

bottom of page