Cybersecurity / Information Security Analyst

About The Position

Requirements

• Minimum high school diploma or equivalent
• Ability to obtain and maintain a US Government Clearance (requires US Citizenship)
• 7+ years of cybersecurity or information security experience
• Experience in a regulated or defense contractor environment
• Working knowledge of: NIST 800-171 controls CMMC requirements ITAR/EAR or export control practices DFARS 252.204-7012 incident requirements
• Experience with SIEM/EDR tools (Microsoft Defender, Sentinel, Splunk, etc.)
• Experience with vulnerability scanning tools (Tenable, Qualys, etc.)
• Familiarity with Windows/Linux security hardening
• Strong incident response and troubleshooting skills

Nice To Haves

• Experience supporting CMMC or NIST 800-171 audits
• Microsoft GCC High / Azure Government experience
• Cloud security (Azure/AWS GovCloud)
• Endpoint management (Intune, JAMF, MDM)
• Secure enclave or segregated network experience
• Security automation or scripting (PowerShell/Python)
• Experience with aerospace/space or DoD programs
• Security+ / CySA+ / GSEC
• CISSP / CISM / CISA
• CEH / GCIA / GCIH
• CMMC RP/CCA/CCP (plus)

Responsibilities

• Monitor and analyze security events across endpoints, networks, cloud, and collaboration platforms (SIEM, EDR, firewalls, M365/Azure Gov, etc.)
• Investigate alerts, perform triage, and lead incident response activities
• Conduct root-cause analysis and implement corrective actions
• Manage vulnerability scanning and remediation tracking
• Perform log analysis, threat hunting, and anomaly detection
• Support secure configuration baselines (CIS/STIG hardening)
• Implement and maintain controls aligned to: NIST SP 800-171 CMMC Level 2/3 DFARS 252.204-7012 ITAR / EAR Export Control NASA/DoD contract security clauses
• Maintain System Security Plans (SSPs), POA&Ms, and control evidence
• Support CMMC assessments and external audits (C3PAO/DCMA/Prime Contractors)
• Assist with enclave design for CUI/ITAR environments
• Ensure proper handling, marking, storage, and transmission of export-controlled data
• Collaborate with IT and engineering teams on: Secure cloud configurations (Azure Gov / GCC High preferred) Identity & access management (MFA, least privilege, RBAC) Endpoint security & device management Network segmentation for regulated workloads
• Participate in new system security reviews and risk assessments
• Support secure DevOps and engineering toolchains
• Conduct risk assessments and maintain risk registers
• Develop and update policies, standards, and procedures
• Support vendor and supply-chain cybersecurity reviews
• Track metrics and KPIs for security posture reporting
• Lead or support tabletop exercises and incident simulations
• Provide security awareness and CUI/ITAR handling guidance
• Advise business units on compliant collaboration practices
• Promote a “security-by-design” mindset across the organization

Benefits

• Voyager offers a comprehensive, total compensation package, which includes competitive salary, a discretionary annual bonus plan, paid time off (PTO), a comprehensive health benefit package, retirement savings, wellness program, and various other benefits.