Gibbs & Cox, a wholly owned subsidiary of Leidos, is the largest independent naval architecture and marine engineering firm in the United States. Since our founding in 1929, 24 classes of combatants and nearly 7,000 vessels have been built to Gibbs & Cox designs. We proudly support military and commercial clients in the US and internationally with all phases of marine design, construction, and lifecycle management. Our passion is solving our customers' 21st century maritime challenges with quality and integrity. We are looking for a Sr Cyber Security Analyst. This is a permanent, full-time role based in Arlington, VA. The primary language of work is English. Location: Hybrid, based in Arlington, VA with occasional travel to Canada. Qualifications: * Bachelors degree in Computer Science, Software Engineering, Computer Engineering or equivalent combination of education and other formal training and experience. * Minimum 10+ yrs professional Cyber Security experience * With a minimum of 3 years experience in one or more of the following fields: o Network or Industrial Control Systems maintenance or design o Security Architecture Design experience for enterprise networks, operational technology, marine systems or equivalent * DoD 8140/8570 approved certification, ex. Certified Information System Security Professional (CISSP) * Security assessments using NIST SP 800-53 / NIST Cybersecurity Framework (CSF). * Systems or software engineering experience using ISO 15288 / NIST 800-160. * Excellent written and oral communication skillsDesired Qualifications: * Master's degree highly preferred * Experience working with the US Department of Navy, SPAWAR, NAVSEA, or US Coast Guards * Familiarity with Navys CYBERSAFE initiative, and Defense-in-Depth Functional Implementation Architecture (DFIA) * Knowledge of programming and scripting languages * Experience with using security tools in testing and virtualized environmentsKey Responsibilities: Reporting to the Team Lead, Security Assurance you will be part of a team responsible for system security engineering for the Canadian Surface Combatant Project, including but not limited to the following: * Support the development of the security posture for the various shipbuilding programs through Cybersecurity Architectural and Engineering decision for the CSC baseline architecture. * Reviewing architectural and engineering documents to meet cyber requirements for naval systems including: o Security plans for marine based combat and platform systems o Marine system security architecture o Security requirements traceability o Security assessment plans and reports * Supporting security control design and solution planning on all identified shipboard systems, noting that the structure of this design process aligns with NIST SP 800-160 - Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems. * Conduct assessments of the security of systems design and provide recommendations to mitigate threat vectors. * Liaise with government security agencies * Applying techniques and guidance from National Institute of Standards and Technology (NIST) for System Security Engineering (NIST SP 800-160) as well as other NIST documents (ie, CSF, 800-37, 800-53, 800-61, 800-82, 800-161 and 800-171). * Assisting design teams with architecting and engineering cybersecurity solutions for Navy Combat and Platform Systems. * Based on security assessments of ship systems, assist design engineers, and make recommendations in which security controls to implement to best address cyber risk posed by threats to information systems, control systems, and operational technology. * Identify and document security architectures at the system and ship (system-of-systems) levels. * Identify and document security operations required to maintain security posture * Developing, maintaining, and reviewing technical cybersecurity architectural and engineering documentation such as the system security categorization, system security architecture and system security design specification. * Support creating cybersecurity test and evaluation plans and procedures or system security. * Develop plans, procedures and processes as required in support of program requirements. * Provide accurate status reports on assigned activities as needed. * Assist in security and risk assessment of systems and subcontractors. * Establish and maintain strong working relationships with internal (eg, Shipyard Production, CSC Program, Combat System and Platform Engineering personnel) and external stakeholders (subcontractors and government representatives). * Support a culture of teamwork, enthusiasm, and proactive behavior within the Security Assurance team.The role will also include working with engineering teams in both the combat systems group and the platform systems group to incorporate security mechanisms and devices to satisfy security requirements and manage cybersecurity risk to the ship mission assurance. Working collaboratively in the Systems Engineering team, you will provide guidance and advice to subcontractor teams on how to use security controls to satisfy security outcomes to manage risk to ship mission assurance. You will assist in choosing appropriate ways to verify and validate the security designed into the ship systems . Security Requirements: MUST be a US Citizen and have Active DOD Security Clearance Gibbs & Cox is a VEVRAA Federal Contractor and an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. The VEVRAA, VEVRAA | US Department of Labor (dol.gov) , covers veterans. @2021 Gibbs & Cox, Inc. Gibbs & Cox, Gibbs & Cox logo are registered trademarks. All rights reserved