Cybersecurity Certification and Accreditation (C&A) Analyst

Company Overview

SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider headquartered in Dulles, Virginia with operations across the U.S. We provide innovative enterprise-wide solutions as well as targeted services addressing the complex challenges faced by our federal government clients. Our focus is on enabling our clients to deliver their mission most efficiently and effectively – anytime, anywhere, securely. We combine technical expertise, mission awareness, and an empowered workforce to produce meaningful results.

Position Details and Responsibilities

SkyePoint Decisions is seeking a Cybersecurity Certification and Accreditation (C&A) Analyst to join our team on a Defense Logistics Agency contract.

This is a remote position but the candidate must be in proximity to a DLA site.

Responsibilites:

• Serve as a Cybersecurity Subject Matter Expert (SME) for DoD System Authorization, ensuring compliance with all applicable cybersecurity policies and procedures.
• Support cybersecurity efforts throughout the DoD System Development Life Cycle (SDLC) in accordance with DoDD 5000.01.
• Assist in implementing and maintaining cybersecurity policies, procedures and security controls for DoD Information Systems (IS), Platform IT (PIT), and Operational Technology (OT) Systems.
• Perform preventative and analytical security activities to enhance the overall security posture of DLA networks, information systems and applications. 
• Identify and assess vulnerabilities, assign severity values, and determine the potential impact on system authorization.
• Ensure compliance with Federal, DoD, and DLA security requirements, policies, and standards for both unclassified and classified environments. 
• Work with Information Systems Security Managers (ISSMs) to identify and mitigate security risks.
• Conduct security assessments, inspections, and compliance reviews, documenting results and remediation actions.
• Support incident response efforts, including reporting cybersecurity incidents to the Authorizing Official (AO) and appropriate response teams.
• Assist with the Risk Management Framework (RMF) process, executing tasks across all seven RMF steps, including but not limited to:
  • Categorizing systems and registering them in eMASS. 
  • Implementing security controls and validating compliance using STIGs and vulnerability scans.
  • Assessing security posture, identifying risks, and developing POA&Ms. 
  • Support system authorization and maintain continuous monitoring efforts. 
• Ensure secure configuration and approval of IT systems and components before development.
• Prepare and deliver briefings, reports, and security documentation to leadership, including senior management updates on system authorization progress.
• Participate in cybersecurity meetings, technical discussions and risk assessments.

Qualifications

Required Qualifications:

• Five (5) years of relevant C&A experience; Risk Management Framework (RMF) and NIST C&A experience; DoD cybersecurity experience.
• Must have one of the following DoD Approved 8570 Category IAM Level III Certifications
  • CISM, CISSP, GSLC or CCISO.
• Must be eligible for IT II.
• Proven experience evaluating security controls and performing authorization reviews for large scale, complex enterprise environments. 
• Strong understanding of the DoD authorization process, including the cybersecurity policies, procedures and frameworks that support system accreditation and risk management.
• Experience applying NIST 800-53 security controls to assess and authorize complex IT environments, such as large enterprise infrastructures with multiple enclaves, applications, and outsourced IT services.
• Must be a U.S. Citizenship with an Active Secret clearance. 

Preferred Qualifications:

• DLA Experience.
• Operational Technology experience.
• NIST 800-82 and ISA/IEC 62443 understanding.
• Communication capability with both small and large teams.
• ICS Cybersecurity (300) (DHS CISA).
• ICS Cybersecurity Evaluation (401) (DHS CISA).
• Familiar with Cyber Tools: eMASS, RSA Archer, Microsoft Office Products (SharePoint, TEAMS, Visio, Excel, Word, PowerPoint) Stig Viewer/SCAP, Splunk, ACAS/HBSS, Forescout.

What We Can Offer You:

• At SkyePoint, we go B.I.G. (beginning in GRATITUDE) by recognizing all we have and giving back to our employees, families, and communities. It instills a positive mindset that permeates all we do. By beginning in gratitude, SkyePoint can continue to spread living in gratitude each day.
• Great Benefits: Several insurance options including HMO and High Deductible plans with Health Savings Accounts [HSAs], Flex Spending Accounts [FSAs], Full Dental Plans, ST/LT Disability, Life Insurance, floating federal holiday options, and 401k matched
• Certificate Incentive Program: To promote professional development, we recognize and reward employees who obtain new certifications aligned with business needs.
• SkyePoint DoD SkillBridge Industry Partner Fellowship Program

• Flexible Work Environment

Compensation:

Salary Range: $130,000-$140,000

The SkyePoint Decisions salary range for this position is a general guideline only. It represents an estimated range for this position and is just one piece of our total compensation package. 

Salary at SkyePoint is determined by various factors, including but not limited to location, work schedule, the candidate’s combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability, market data and business considerations.

Additionally, this position may be eligible for an incentive compensation bonus plan.

In addition to a competitive salary, SkyePoint offers benefits including a certification incentive program, PTO, floating federal holiday options, several insurance options including HMO and High Deductible plans with Health Savings Accounts [HSAs], Flex Spending Accounts [FSAs], Full Dental Plans, Vision, ST/LT Disability, Life Insurance, and 401k matched.

SkyePoint Decisions is an established ISO 9001:2015 and ISO/IEC 27001:2013 certified small business and appraised at CMMI Level 3 for Services and Development. We possess a common vision of excellence and foster a collaborative team culture built upon individual performance and accountability. We invest in our people and systems to create value for our clients. It is the SkyePoint Way. We are grateful for the opportunity to work with exceptional people and give back to the communities we serve. Our employees value the flexibility at SkyePoint that allows them to balance quality work and their personal lives.

Please be aware of recruiting scams and people claiming to be from SkyePoint Decisions. For more information, please see the Welcome Page of our Careers site.

Skyepoint Decisions is a participating E-Verify Employer. 

U.S. Citizenship is required for most positions.

Equal Opportunity Employer/Veterans/Disabled.