- 
        Cybersecurity Analyst / Engineer (Multiple Levels)
- Noblis (Washington, DC)
- 
             Responsibilities Position Overview We are seeking an experienced and detail-oriented **Cybersecurity Analyst / Engineer** to support the FAA’s **Brand New** **A** **ir** **T** **raffic** **C** **ontrol (ATC)** **S** **ystem initiative** . In this critical role, you will help secure systems that ensure the safety, efficiency, and reliability of the National Airspace System (NAS). You will work closely with FAA engineers, system integrators, and program stakeholders to **design, implement,** **monitor** **, and sustain cybersecurity protections** for complex, safety-critical infrastructure, including communications, surveillance, and automation systems. This role requires deep knowledge of **aviation operational environments** , **industrial control systems (ICS)** , and federal cybersecurity frameworks. You will support **risk assessments, secure systems engineering, and continuous monitoring** across both on-premise and distributed environments that underpin FAA mission operations. Cybersecurity Operations & Risk Management + Monitor and analyze cyber threats targeting **air traffic control and NAS environments** , including both enterprise and operational technology (OT) systems. + Perform vulnerability assessments and coordinate **mitigation of risks impacting FAA mission-critical systems** , including communications, navigation, and surveillance infrastructure. + Support FAA-specific **Risk Management Framework (RMF)** implementation, including security control selection, assessment, and continuous authorization (A&A). + Integrate **continuous monitoring and Security Operations Center (SOC)** capabilities to detect, contain, and remediate cyber incidents impacting ATC systems. + Collaborate with FAA Security Operations and DHS CISA teams for **threat intelligence sharing and coordinated response** . Systems Security Engineering & Integration + Provide cybersecurity input during the **design, development, and deployment** of the next-generation FAA ATC systems (e.g., ERAM, STARS, DataComm, SWIM). + Work with **system engineers and solution architects** to embed security in system architectures supporting automation, communications, surveillance, and enterprise services. + Ensure **secure data exchange and interoperability** between FAA systems, airlines, and external aviation stakeholders. + Develop and maintain **security architecture diagrams** and documentation for FAA systems operating in both traditional IT and ICS/OT environments. Compliance & Policy Alignment + Ensure compliance with **FAA Orders (e.g., 1370.121, 1370.82)** , **NIST SP 800-series** , **FISMA** , and **Executive Orders on critical infrastructure security** . + Support **Security Test and Evaluation (ST&E)** for NAS and ATC systems prior to deployment. + Prepare and maintain **System Security Plans (SSPs)** , **Continuous Monitoring Plans** , and other cybersecurity artifacts required for FAA certification and accreditation. Incident Response & Resilience + Lead and support **incident response activities** , forensic investigations, and post-event analysis for FAA systems. + Assist in the development of **cyber resilience and contingency plans** for ATC systems to ensure operational continuity during disruptions. + Conduct cybersecurity exercises and simulations tailored to aviation and air traffic control scenarios. Required Qualifications Required Qualifications + Proven experience with **federal or critical infrastructure cybersecurity** , including OT/ICS environments. + Knowledge of **aviation domain technologies** (e.g., ATC automation systems, communications networks, surveillance sensors). + Strong familiarity with **NIST RMF, FISMA.** + Hands-on experience with vulnerability scanning, security monitoring (SIEM), and intrusion detection/prevention in **mission-critical systems** . + Understanding of **secure network and system architecture** in safety-critical environments. + U.S. Citizen with ability to obtain **Public Trust or FAA Moderate/High Risk clearance** . Required Education and years** ** Level I** ** + 0-4 years of experience and a Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Engineering, or a related technical field. **Substitution:** High school degree and an additional 6 years of experience **Salary Range:** $77,000 - $120,275 Level II** ** + 5-9 years of experience and a Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Engineering, or a related technical field. Substitution:** ** + Masters degree with 3-7 years of experience would qualify + PHD degree with 0-4 years of experience would qualify + Highschool degree with a minimum of 14 years total. **Salary Range:** $84,700 - 132,325 Level III** ** + 10-15 years of experience and a Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Engineering, or a related technical field. Substitution:** ** + Masters degree with 8-13 years of experience would qualify + PHD degree with 5-10 years of experience would qualify + Highschool degree with a minimum of 24 years total. ** ** **Salary Range:** $102,500 - 160,100 Level IV** ** + 16-24 years of experience and a Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Engineering, or a related technical field. **Substitution** : + Masters degree with 14-22 years of experience would qualify + PHD degree with 11-19 years of experience would qualify + Highschool degree with a minimum of 26 years total. **Salary Range:** $124,000 - $193,750 Desired Qualifications + **DoD 8570.01-M IAT/IAM certification** (Security+, CISSP, CISM, CASP+). + Strong Familiarity with FAA Security policies. + Experience working with **FAA systems or other federal civilian agencies** . + Familiarity with **FAA Air Traffic Organization (ATO) infrastructure** and operational requirements. + Hands-on experience with **aviation cybersecurity tools** , such as ACAS, Nessus, Splunk, and endpoint protection platforms. + Knowledge of **cybersecurity in ICS/SCADA environments** and safety-critical control systems. + Proficiency with **scripting, automation, or orchestration tools** for cybersecurity tasks. + Experience performing **Security Test & Evaluation (ST&E)** and preparing systems for **Authority to Operate (ATO)** under FAA RMF. Overview Noblis (http://www.noblis.org/) and our wholly owned subsidiaries, Noblis ESI , and Noblis MSD tackle the nation's toughest problems and apply advanced solutions to our clients' most critical missions. We bring the best of scientific thought, management, and engineering expertise together in an environment of independence and objectivity to deliver enduring impact on federal missions. Noblis works with a wide range of government clients in the defense, intelligence and federal civil sectors. Learn more at Noblis -About Us (https://careers.noblis.org/about-noblis/) Why work at a Noblis company? Our employees find greater meaning in their work and balance the other things in life that matter to them. Our people are our greatest asset. They are exceptionally skilled, knowledgeable, team-oriented, and mission-driven individuals who want to do work that matters and benefits the public. Noblis has won numerous workplace awards (http://www.noblis.org/about/Awards/) . Noblis maintains a drug-free workplace. * _Remote/hybrid status is subject to change based on Noblis and/or government requirements_ Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to race, color, ethnicity, sex, age, national origin, religion, physical or mental disability, pregnancy/childbirth and related medical conditions, veteran or military status, or any other characteristics protected by applicable federal, state, or local law. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact us (https://careers.noblis.org/contact-us/) . EEO is the Law (https://www.dol.gov/general/topic/discrimination) | E-Verify (https://careers.noblis.org/wp-content/uploads/2024/09/Federal-e-verify-participation-poster-Eng-and-Sp.-9-11-2024.pdf) | Right to Work (https://www.justice.gov/crt/case-document/file/1133936/download) Total Rewards At Noblis we recognize and reward your contributions, provide you with growth opportunities, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, and work-life programs. Our award programs acknowledge employees for exceptional performance and superior demonstration of our service standards. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in our benefit programs. Other offerings may be provided for employees not within this category. We encourage you to learn more about our total benefits by visiting the Benefits (https://careers.noblis.org/benefits/) page on our Careers (https://careers.noblis.org/) site. Compensation at Noblis is determined by various factors, including but not limited to, the combination of education, certifications, knowledge, skills, competencies, and experience, internal and external equity, location, clearance level, as well as contract-specific affordability, organizational requirements and applicable employment laws. The projected compensation range for this position is based on full time status. For part time or on-call staff, compensation is proportionately adjusted based on hours worked. While monetary compensation is important, it's just one component of Noblis’ total compensation package. Posted Salary Range USD $78,900.00 - USD $123,300.00 /Yr. 
 
 
-