Cyber Security Analyst IV

Description

Position Summary 

Northern Technologies Group (NTG) is seeking an experienced Cybersecurity Analyst IV to provide expert-level support to the Department of Defense (DoD) Chief Information Officer’s SAP IT Cybersecurity program. This role delivers technical and managerial leadership across RMF activities, system accreditation, and enterprise-wide cyber compliance. The Analyst will serve as a trusted cybersecurity advisor, managing high-impact assessments and helping to ensure secure operations across highly classified SAP environments.

Essential Duties and Responsibilities

• Lead Risk Management Framework (RMF) activities, including the development, review, and validation of:
  • System Security Plans (SSPs)
  • Security Assessment Plans (SAPs)
  • Plan of Action and Milestones (POA&Ms)
  • Security Assessment Reports (SARs)
  • Security Control Traceability Matrices (SCTMs)
• Act as an advisor to the Authorizing Official (AO), providing SME input to support Authorization to Operate (ATO) decisions.
• Perform system security assessments, documentation reviews, and artifact evaluations in eMASS or equivalent tools.
• Validate control inheritance and implementation across hybrid, cloud, AI/ML-enabled, or cross-domain architectures.
• Provide technical guidance to system owners, ISSMs, SCAs, and program staff to maintain compliance with DoD cybersecurity mandates.
• Assist in development and standardization of SOPs, cybersecurity scorecards, and dashboards.
• Support cybersecurity incident response documentation and post-event reporting in classified environments.
• Participate in enterprise-wide security initiatives, policy updates (e.g., JSIG revisions), and threat awareness activities.
• Serve as eMASS administrator: manage accounts, permissions, workflows, and enterprise-level metrics reporting.

Requirements

Minimum Qualifications (Knowledge, Skills, and Abilities)

• Active Top Secret/ SCI (TS/SCI) federal security clearance with eligibility for SAP access
• Master’s degree in cybersecurity or a related technical field
       (Or equivalent combination: e.g., Bachelor’s + 2 years, or High School + 6 years of additional experience)
• Minimum of 12 years of relevant cybersecurity experience, including leadership in RMF/A&A efforts.
• Must hold a cybersecurity certification at IAT Level III or IAM Level III (e.g., CISSP, CISM, CASP+)

PREFERRED QUALIFICATIONS

• Expert-level proficiency in:
  • RMF (NIST SP 800-53, JSIG, STIGs)
  • eMASS
  • CONMON, A&A lifecycle, IV&V support
• Strong understanding of DoD cross-domain architectures, AI/ML cybersecurity considerations, and hybrid cloud security
• Experience authoring SOPs, compliance guidance, and system risk documentation for highly classified networks
• Ability to mentor junior analysts and support enterprise compliance tracking and reporting
• Demonstrated ability to coordinate across government and contractor teams in high-tempo environments

 Physical Demands and Work Environment

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform these functions.

While performing the duties of this position, the employee is regularly required to talk or hear. The employee frequently is required to use hands or fingers, handle or feel objects, tools, or controls. The employee is occasionally required to stand; walk; sit; and reach with hands and arms. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this position include close vision, distance vision, and the ability to adjust focus. The noise level in the work environment is usually low to moderate. 

Northern Technologies Group is an equal opportunity employer. We do not discriminate based on race, color, religion, sex, national origin, disability, age, or any other protected status under federal, state, or local law.

Travel

May require brief travel within the National Capital Region (NCR) or limited CONUS travel

Shift

Monday through Friday, 8-hour shifts with core hours of 0900–1500

Note

This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice. Employees will be required to follow any other job-related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments. This document does not create an employment contract, implied or otherwise, other than an “at will” relationship.