Senior Cybersecurity Analyst

GovCIO
Kearneysville, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 142K

Job location

Kearneysville, United States of America

Tech stack

Amazon Web Services (AWS)
JIRA
Azure
Cloud Computing Security
Encodings
CompTIA Security+
Computer Security
Continuous Delivery
Continuous Integration
Open Web Application Security
Systems Development Life Cycle
Scaled Agile Framework
Security Software
Software Vulnerability Management
Web Applications
Software Security
Technical Debt
HybridCloud
SC Clearance
Kubernetes
Tenable Nessus
DevSecOps
Docker
ServiceNow

Job description

GovCIO is seeking a Senior Cybersecurity Analyst to support a critical government computer system for the U.S. Coast Guard (USCG) Software Yard - Capability Development Branch. This role is primarily responsible for ensuring that all mission software, applications, and technology platforms remain secure, maintainable, and compliant with federal regulations throughout the continuous software delivery lifecycle. This position will be located in Kearneysville, WV, and will be a hybrid position.

As a Senior Cybersecurity Analyst, you will serve as a primary technical resource for enforcing architectural coherence, enterprise security standards, and long-term sustainability across platform-aligned Product Teams. You will embed cybersecurity practices into modern delivery models to prevent vulnerabilities and mitigate cybersecurity risks. Key responsibilities include:

  • Enforce federal security standards, government compliance baselines, and DISA STIGs across all software product teams and continuous delivery workflows.
  • Conduct proactive vulnerability monitoring, security testing, and risk assessments on applications to support modernization and technical debt reduction.
  • Collaborate with government technical leadership and vendor-heavy product teams to ensure that delivered capabilities meet strict cybersecurity engineering approaches.
  • Perform vulnerability remediation oversight and coordinate with engineering teams to fix software bugs, performance bottlenecks, and security gaps.
  • Audit and validate product backlogs and release plans to ensure security requirements are fully incorporated, traced, and prioritized alongside mission needs.
  • Assess architectural coherence and security posture across multiple technology domains, reducing the risk of brittle or siloed systems.
  • Maintain comprehensive cybersecurity documentation, including system security plans, risk mitigation logs, and standard operating procedures for release train management.
  • Provide expert cybersecurity guidance to product owners and development teams, ensuring rapid operational responses to emerging digital mission threats.

Requirements

  • High School with 9+ years (or commensurate experience).
  • DoD 8570 IAT Level II certification (Security+ CE, CySA+, CCNA Security).

  • Cybersecurity analysis experience specializing in application security, software assurance, or cloud security within a federal environment.
  • Proven experience analyzing and remediating vulnerabilities identified by automated scanning tools within modern software delivery models (CI/CD).
  • Comprehensive operational understanding of DISA STIGs, NIST Risk Management Framework (RMF), and federal authorization boundaries.
  • Strong experience embedding security requirements into Agile engineering frameworks, product backlogs, and rapid release environments.
  • Proficiency in tracking, managing, and reporting cyber risks using enterprise tools (such as Jira, Azure DevOps, Tenable Security Center, or ServiceNow).
  • Strong foundational understanding of diverse IT domains including enterprise.

Clearance Required: Active Secret Clearance

Preferred Skills & Experience

  • Experience supporting U.S. Coast Guard, Software Yard, or Department of Homeland Security (DHS) programs.
  • Familiarity with USCG PEO C5I enterprise security strategies, software assurance policies, and continuous Authority to Operate (cATO) pathways.
  • Relevant professional cybersecurity certifications highly preferred (e.g., CISSP, CEH, CISM, or DevSecOps security credentials).
  • Understanding of secure containerization concepts (Kubernetes, Docker) and automated security gating within DevSecOps environments.
  • Familiarity with hybrid-cloud architecture (AWS, Azure) and securing web applications against OWASP Top 10 vulnerabilities.

Benefits & conditions

USD $112,000.00 - USD $142,000.00 /Yr.
