IA/Cyber Security Analyst
About The Position
Concept Plus is seeking a mission-driven and detail-oriented IA/ Cyber Security Analyst to join our dynamic cybersecurity team supporting a critical software modernization initiative for the Department of Defense. As a Cyber Security Analyst, you'll help protect and secure national defense systems by ensuring compliance with the Risk Management Framework (RMF) and maintaining accreditation packages for mission-critical assets. You’ll work closely with system owners, security engineers, assessors, and program stakeholders to ensure that sensitive systems remain secure, resilient, and aligned with DoD cybersecurity regulations. This role operates within a collaborative Agile and DevSecOps framework to ensure secure, timely, and iterative delivery of capabilities. The ideal candidate thrives in a fast-paced, evolving environment and brings a deep understanding of both business processes and technological integration.
Requirements
- US Citizen
- Bachelor’s degree in Information Science, Engineering, Computer Science, Technology Management, or a degree in a closely related field
- 3+ years of experience in Cyber Security, preferably within a DoD or government contracting environment.
- An advanced degree may substitute for two years of required experience
- Industry certification such as Security+ CE, CISSP, CISM, or CAP (Security+ is a DoD 8570 baseline requirement)
- Hands-on experience with RMF steps, security control implementation, and continuous monitoring
- Proficient with tools such as SonarQube, Checkmarx, Trivy, Dependency Track, eMASS, Nessus, and DISA STIGs
- Familiarity with Air Force cybersecurity policies and standards, including AFMAN 17-1301
- Familiarity with Federal cybersecurity compliance work
- Very good verbal and written communication skills
- An Interim Secret or Secret Clearance to start
Nice To Haves
- Preferred experience working in Agile and DevSecOps environments
- Familiarity with Agile and Scrum methodologies in federal or defense settings.
Responsibilities
- Work closely with technical teams to implement secure system improvements that meet DoD cybersecurity standards.
- Monitor and evaluate project progress, providing actionable reports to leadership and government officials.
- Communicate with team, customers, and stakeholders in a clear, concise, timely, and professional manner.
- Manage and maintain security authorization packages within the DoD RMF lifecycle
- Ensure the confidentiality, integrity, and availability of systems through compliance with NIST 800-53 controls and DoDI 8500 series
- Draft and maintain documentation including System Security Plans (SSPs), POA&Ms, and Continuous Monitoring strategies
- Support system assessments, vulnerability scanning, and remediation efforts using tools like SonarQube, Checkmarx, Trivy, Dependency Track, eMASS, and Nessus
- Support system assessments, vulnerability scanning, and remediation efforts relating to DISA STIGs
- Interface with government security officials (e.g., ISSMs, AO representatives) to support audits, inspections, and reviews
- Coordinate security engineering input into system designs and control implementation
- Track and respond to cybersecurity incidents and ensure timely reporting and recovery efforts
- Participate in Agile/DevSecOps development cycles, ensuring security is integrated from concept to deployment
- Assist with personnel security awareness, training, and insider threat mitigation
- Commute as needed to the nearest secured facility to perform duties in a higher environment.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
