Cloud Vulnerability Analyst

Applied Research Solutions•Beavercreek Township, OH

About The Position

ARS is seeking a skilled cloud vulnerability analyst to assist in the monitoring and security hardening of a DevSecOps cloud environment to align with DoD RMF (NIST SP 800-53 r5) and CMMC 2.0 (NIST SP 800-171) security requirements. Why Work with us? Applied Research Solutions (ARS) is respected as a world-class provider of technically integrated solutions as we deliver premier talent and technology across our focused markets for unparalleled, continuous mission support. Awarded a Best Places to Work nominee since 2020, ARS recognizes that without our career- driven, loyal professionals, we would not be able to deliver state-of-the-art results for our mission partners. We firmly believe that prioritizing our employees is of the upmost importance. We provide a culture where our employees are challenged to meet their career goals and aspirations, while still obtaining a work/life balance. ARS employees are motivated through our industry competitive benefits package, our awards and recognition program, and personalized attention from ARS Senior Managers. The analyst will play a key role in identifying, validating, and mitigating vulnerabilities across Azure-based infrastructure and containerized workloads while ensuring alignment with DoD Risk Management Framework (RMF) controls defined in NIST SP 800-53 Rev. 5 and the CMMC 2.0 requirements derived from NIST SP 800-171. This role will leverage enterprise-grade security tools, including ACAS, Tenable Nessus, Microsoft Defender for Cloud, and Microsoft Sentinel, to perform vulnerability scanning, log correlation, threat hunting, and compliance reporting. The analyst will also contribute to secure DevSecOps pipelines by integrating automated security checks, ensuring misconfigurations are addressed early, and maintaining hardened baselines consistent with DoD and industry cybersecurity best practices. In addition, the Cloud Vulnerability Analyst will help shape and enforce proactive cloud security strategies by analyzing threat intelligence, validating remediation actions, and collaborating with engineering teams to eliminate systemic risks. The role requires strong knowledge of Azure security architecture, cloud access control models, vulnerability lifecycle management, and the technical controls necessary for FedRAMP-high-equivalent and DoD cloud deployments. The analyst will be responsible for developing documentation, dashboards, and continuous improvement recommendations that enhance situational awareness and strengthen security posture. Ultimately, the position ensures that ARS’s cloud environment remains resilient, compliant, and aligned with the evolving landscape of DoD cybersecurity expectations and modern cloud security best practices.

Requirements

Must be a US citizen
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related technical field (or equivalent practical experience).
Hands-on experience with vulnerability scanning tools such as ACAS, Tenable Nessus, Microsoft Defender for Cloud, or similar enterprise solutions.
Working knowledge of Microsoft Azure, including security architecture, identity management, and cloud configuration best practices.
Familiarity with DoD RMF (NIST SP 800-53 r5) and CMMC 2.0 / NIST SP 800-171 security control requirements.
Experience analyzing security events using SIEM platforms such as Microsoft Sentinel.
Strong understanding of vulnerability management principles, secure configuration baselines, and cybersecurity best practices.
Ability to create clear documentation, communicate findings, and collaborate effectively with DevSecOps, engineering, and compliance teams.
All positions at Applied Research Solutions are subject to background investigations. Employment is contingent upon successful completion of a background investigation including criminal history and identity check.
This contractor and subcontractor shall abide by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals on the basis of disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities.
This contractor and subcontractor shall abide by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered contractors and subcontractors to employ and advance in employment qualified protected veterans.

Responsibilities

Conduct recurring vulnerability scans using ACAS, Tenable Nessus, Microsoft Defender for Cloud, and other automated tools to identify security gaps across Azure cloud environments.
Analyze and correlate alerts and logs within Microsoft Sentinel to detect threats, suspicious activity, and compliance deviations.
Perform vulnerability triage, validation, and prioritization, ensuring remediation aligns with DoD RMF (NIST SP 800-53 r5) and CMMC 2.0 (NIST SP 800-171) requirements.
Develop, maintain, and harden secure baseline configurations for Azure services, virtual machines, containers, and DevSecOps tooling.
Implement and monitor CI/CD-integrated security controls to ensure early detection of misconfigurations and code-level vulnerabilities.
Collaborate with cloud engineers, developers, and ISSO/ISSM personnel to recommend remediation actions and validate corrective measures.
Prepare detailed vulnerability reports, dashboards, Plan of Action & Milestones (POA&M) updates, and compliance artifacts for audits and assessments.
Support continuous monitoring strategies and security automation initiatives to enhance overall cloud security posture.
Conduct threat hunting and security analysis using threat intelligence sources to identify emerging risks relevant to Azure cloud and DoD systems.
Promote cybersecurity best practices by providing guidance, training, and technical recommendations to stakeholders across DevSecOps teams.
Other duties as assigned