Cyber Security Analyst/ISSO

Arete Associates•Niwot, CO

3h•$80,000 - $110,000•Onsite

About The Position

At Areté, we are on the forefront of utilizing innovative solutions, with great minds from all backgrounds, to help solve the nation’s most complex security challenges. We strive for an inclusive, collaborative team environment that approaches differences as opportunities for innovation and excellence. As an employee-owned company, we foster an atmosphere that propels diverse career opportunities and professional growth. Discover your future with us. Areté is immediately seeking a full-time Cyber Security Analyst/Information Systems Security Officer to work with our corporate cyber team in either Tucson, Arizona or Niwot, Colorado. The selected candidate will have a minimum Secret clearance with that ability to obtain a Top Secret security clearance with SCI access, including a CI polygraph. The candidate will collaborate with other Cyber Security and IT staff members, travel occasionally, and provide some after-hours support. The candidate will also support a variety of information systems at varying levels of complexity on the corporate network. This position is a full-time, permanent, on-site position, hybrid and remote options are not available.

Requirements

Active Top Secret security clearance with ability to obtain a CI polygraph.
1-2 years of experience performing ISSO or equivalent cybersecurity duties for classified systems.
Demonstrated experience with CMMC, NIST 800-171, or NIST 800-53 security controls.
Hands-on experience in security auditing, continuous monitoring, and documentation of control implementation.
Current IAT Level II Security Certification or higher (Security+, CASP, CySA+, CISSP, GSEC) or ability to obtain within 3 months of the start date.
Must have solid technical knowledge on how Windows and Server operating systems are hardened.
Experience with common information system Cyber Security tools, technologies, and STIGs (Nessus/ACAS, SCAP Compliance Checker, STIG Viewer, Microsoft Group Policy, etc.).
Strong interpersonal skills, technical writing skills, and the ability to work autonomously and on a team.
Strong written communication skills and the ability to document/diagram information systems and procedures.
Must be able to lift 25 pounds.

Nice To Haves

Knowledge of the Risk Management Framework is a plus;
Experience with Security Directives, Policies, Publications and Regulations including but not limited to the NIST 800-171, NIST 800-53, JSIG and/or ICD 503;
Experience in one or more of the following Cybersecurity tools/technologies: SIEM or Log Reduction & Analysis Tools, McAfee ePO, SCC Tool, Bitlocker, Rapid7 IDR, InsightVM;
Technical knowledge on how Linux (RHEL 8/9) systems are configured, hardened, and managed.

Responsibilities

Perform duties as ISSO in accordance with NIST 800-171 and/or NIST 800-53.
Develop, maintain, and update security authorization documentation including ConMon Reports, and audit logs.
Conduct security control implementation, validation, and assessment activities.
Perform and document system audits and risk analysis.
Manage and execute Continuous Monitoring (ConMon) tasks to ensure compliance throughout the system lifecycle.
Support configuration management (CM) processes with a minimum of 1-2 years direct CM experience, including review and documentation of system changes, baseline management, and change control.
Provide incident response support, including investigation, reporting, and remediation of security events.
Support preparation for internal and external inspections and assessments.
Support ISSM with other duties as assigned.