Noblis · 5 months ago
Cybersecurity Analyst / Engineer (Multiple Levels)
Washington, Washington, DC
Full-time
Hybrid
New Grad, Entry, Mid, Senior Level
$77K/yr - $120K/yr
0+ years expNoblis is a company that tackles the nation's toughest problems and applies advanced solutions to critical missions. They are seeking an experienced Cybersecurity Analyst / Engineer to support the FAA's Brand New Air Traffic Control System initiative, focusing on securing systems that ensure the safety, efficiency, and reliability of the National Airspace System. The role involves monitoring cyber threats, conducting risk assessments, and ensuring compliance with federal cybersecurity frameworks.
Information TechnologyNational SecurityNon Profit
No H1B
Security Clearance RequiredU.S. Citizen Only
Responsibilities
Monitor and analyze cyber threats targeting air traffic control and NAS environments, including both enterprise and operational technology (OT) systems
Perform vulnerability assessments and coordinate mitigation of risks impacting FAA mission-critical systems, including communications, navigation, and surveillance infrastructure
Support FAA-specific Risk Management Framework (RMF) implementation, including security control selection, assessment, and continuous authorization (A&A)
Integrate continuous monitoring and Security Operations Center (SOC) capabilities to detect, contain, and remediate cyber incidents impacting ATC systems
Collaborate with FAA Security Operations and DHS CISA teams for threat intelligence sharing and coordinated response
Provide cybersecurity input during the design, development, and deployment of the next-generation FAA ATC systems (e.g., ERAM, STARS, DataComm, SWIM)
Work with system engineers and solution architects to embed security in system architectures supporting automation, communications, surveillance, and enterprise services
Ensure secure data exchange and interoperability between FAA systems, airlines, and external aviation stakeholders
Develop and maintain security architecture diagrams and documentation for FAA systems operating in both traditional IT and ICS/OT environments
Ensure compliance with FAA Orders (e.g., 1370.121, 1370.82), NIST SP 800-series, FISMA, and Executive Orders on critical infrastructure security
Support Security Test and Evaluation (ST&E) for NAS and ATC systems prior to deployment
Prepare and maintain System Security Plans (SSPs), Continuous Monitoring Plans, and other cybersecurity artifacts required for FAA certification and accreditation
Lead and support incident response activities, forensic investigations, and post-event analysis for FAA systems
Assist in the development of cyber resilience and contingency plans for ATC systems to ensure operational continuity during disruptions
Conduct cybersecurity exercises and simulations tailored to aviation and air traffic control scenarios
Qualification
Required
Proven experience with federal or critical infrastructure cybersecurity, including OT/ICS environments
Knowledge of aviation domain technologies (e.g., ATC automation systems, communications networks, surveillance sensors)
Strong familiarity with NIST RMF, FISMA, and FAA cybersecurity policies
Hands-on experience with vulnerability scanning, security monitoring (SIEM), and intrusion detection/prevention in mission-critical systems
Understanding of secure network and system architecture in safety-critical environments
U.S. Citizen with ability to obtain Public Trust or FAA Moderate/High Risk clearance
0-4 years of experience and a Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Engineering, or a related technical field
High school degree and an additional 6 years of experience
5-9 years of experience and a Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Engineering, or a related technical field
Masters degree with 3-7 years of experience would qualify
PHD degree with 0-4 years of experience would qualify
Highschool degree with a minimum of 14 years total
10-15 years of experience and a Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Engineering, or a related technical field
Masters degree with 8-13 years of experience would qualify
PHD degree with 5-10 years of experience would qualify
Highschool degree with a minimum of 24 years total
16-24 years of experience and a Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Engineering, or a related technical field
Masters degree with 14-22 years of experience would qualify
PHD degree with 11-19 years of experience would qualify
Highschool degree with a minimum of 26 years total
Preferred
DoD 8570.01-M IAT/IAM certification (Security+, CISSP, CISM, CASP+)
Experience working with FAA systems or other federal civilian agencies
Familiarity with FAA Air Traffic Organization (ATO) infrastructure and operational requirements
Hands-on experience with aviation cybersecurity tools, such as ACAS, Nessus, Splunk, and endpoint protection platforms
Knowledge of cybersecurity in ICS/SCADA environments and safety-critical control systems
Proficiency with scripting, automation, or orchestration tools for cybersecurity tasks
Experience performing Security Test & Evaluation (ST&E) and preparing systems for Authority to Operate (ATO) under FAA RMF
Company
Noblis
Noblis is a nonprofit science, tech strategy organization that works in the public interest to help clients solve most complex problems.
1001-5000 employees
Funding
Current Stage
Late StageLeadership Team
Mile Corrigan
President and CEO
William Streilein
Chief Technology Officer
Recent News
Washington Technology
2025-10-21
Washington Technology
2025-10-11
Company data provided by crunchbase