SC Works IT Jobs

Job Information

H2 Performance Consulting Senior Cyber Security Analyst-NQV II-III in Charleston, South Carolina

Senior Cyber Security Analyst-NQV II-III

Location: Charleston, SC

Job ID: 20.0002.190


H2 Performance Consulting is subject to the Vietnam Era Veteran's Readjustment Assistance Act as a Federal Contractor and is an Equal Opportunity/Affirmative Action Employer and strives to build a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status or disability status. Additionally, as mandated under Executive order 12989, H2 is required to verify employment eligibility of selected candidates through the Department of Labor-s - E-Verify.

H2 Performance Consulting (H2) is seeking a highly skilled individual to serve as a Sr. Cyber Security Analyst - NQV II-III to provide cyber security support to the Enterprise Systems and Services (E2S). E2S, also known as PMW 250, develops and implements reliable, efficient and secure business information technology (IT) solutions. Established in early 2017, E2S supports a wide array of Navy, Marine Corps and other DoD customers. The ideal candidate will have experience with Navy eMASS and doing RMF packages (Cloud experience preferred); is very detailed oriented with strong written and oral communication skills; and excels with proper handling and protection of sensitive information, etc.


  • Ensures the completion of programs, projects or tasks within estimated timeframes and budget constraints; ensures that the quality of the program, project or task deliverable meets the established standards or metrics

  • Provides Cyber Security guidance and documentation throughout the system development life cycle

  • Provides Cyber Security guidance at meetings, briefings and design reviews and during system development in accordance with prevailing Cyber regulations and policies

  • Supports the PM, SCA, ISSM, and ISSE throughout all phases of the security authorization process

  • Performs system security reviews for Assessment and Authorization (A&A)

  • Assists with development and tracking of the POA&M in eMASS

  • Supports RMF Checkpoint and Collaboration meetings

  • Assists with the System Categorization and consults on the SLCM Strategy

  • Develops the Security Plan, Security Assessment Plan, Security Assessment Report, and Executive Summaries

  • Ensures the completion of cyber related programs, projects, or tasks within estimated timeframes and budget constraints

  • Provides Cybersecurity guidance at meetings, briefings and design reviews, and during system development in accordance with prevailing Cyber regulations and policies

  • Ensures Cybersecurity system designs that properly mitigate identified threats and vulnerabilities

  • Reviews and approves test and evaluation activities to validate those threats and vulnerabilities are mitigated

  • Conducts A&A process for IT systems and networks in accordance with the DoN Risk Management Framework process

  • Report package status and risks weekly to senior level government leadership


  • Minimum SECRET clearance

  • Minimum 5+ years of experience in Certification and Accreditation (C&A) or Assessment and Authorization (A&A)

  • Approved Navy Qualified Validator (NQV) Level III

  • Expert knowledge of Risk Management Framework (RMF) at the ISSE/NQV level

  • Expert knowledge of eMASS at the ISSE/NQV level

  • BS Degree in Cyber Security/Engineering field (e.g., Computer, Electrical, Mechanical, Systems, Security)

  • Minimum 3+ years- experience with independently performing validator activities defined in the Navy RMF process guide and applying RMF guidance to Navy or DoD A&A efforts

  • Experience with test and evaluation for allocating assigned security controls into assessment objectives and procedures, developing and executing Security Assessment Plans (SAP)

  • Expert knowledge and experience with using the DoD Assured Compliance Assessment Solution (ACAS) suite of tools

  • Expert knowledge and experience with vulnerability assessment scanning tools and reporting, intrusion detection technologies, intrusion prevention technologies, and host-based security system (HBSS)

  • Expert knowledge of DoD published Security Technical Information Guidance (STIG) requirements and implementation or compliance process

  • Firm understanding of DISA CAL boundaries and experience coordinating with the PPSM team to register ports not registered within the latest DISA-s CAL boundary list

  • Firm understanding of sensitive data types and cybersecurity protections associated with that data (e.g., PII, PHI, etc.)

  • Firm knowledge of cloud technology concepts and their relationship with Navy RMF/eMASS

  • Ability to think independently with minimal oversight, as well as demonstrate exceptional written and oral communications skills

  • Exemplary customer/client management skills and techniques

Qualified candidates may submit their resume to the career section of our company website at All resumes will be reviewed within 5 business days and those candidates we wish to further in the application process will be contacted via email/phone to schedule initial phone screens.