Information Assurance (IA) Analyst

About The Position

Requirements

• Bachelor’s degree in cybersecurity, computer engineering, or a related IT field.
• 3+ years of experience in IT security, particularly within DoD or government environments.
• DoD 8140/8570 IAT Level II or III certifications required (e.g., Security+, CISSP, CAP, CASP+).
• Active Secret or Top Secret (TS/SCI) clearance is required.
• Technical proficiency in securely deploying, hardening, and integrating commercial off-the-shelf (COTS) and Open-Source Software (OSS) tools.
• Hands-on engineering experience with Amazon Web Services (AWS) GovCloud, including configuring cloud-native security services and secure network architectures.
• Deep technical understanding of data, application, and networking technologies. This includes encryption protocols, boundary defense, and identity management.
• Ability to engineer and implement technical solutions that satisfy National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) requirements.
• Proficiency with automated vulnerability scanning tools, secure configuration management, and technical risk mitigation.
• Hands-on experience with DevSecOps methodologies, including securing CI/CD pipelines, Infrastructure as Code (IaC), and automated deployment models.
• US Citizenship Required: Yes

Nice To Haves

• Information System Security
• Security Information and Event Management (SIEM)
• Security Software

Responsibilities

• Performs Assessment & Authorization (A&A) activities under the Risk Management Framework (RMF) to obtain and maintain Authorization to Operate (ATO) for systems.
• Conducts vulnerability assessments using tools such as Nessus, Nmap, or ACAS to identify and remediate security gaps.
• Integrates security solutions into developing information system environments, ensuring secure system architecture throughout the SDLC.
• Develops and technically executes remediation strategies and corrective courses of action for vulnerabilities identified during risk assessments or continuous monitoring.
• Collaborates with development and information security staff to provide technical artifacts, system diagrams, and engineering documentation required for Assessment and Authorization (A&A) activities.
• Monitors compliance with standards such as NIST SP 800-53, CNSSI 1254, and FISMA to ensure systems meet regulatory requirements.
• Maintains and updates System Security Plans (SSP) and Plan of Action and Milestones (POA&M) documentation.
• Participates in incident response activities to detect, report, and mitigate security incidents.
• Utilizes key security tools including eMASS, ACAS, Nessus, Nmap, Burpsuite, HBSS, Splunk, and Tanium.

Benefits

• Comprehensive benefits and wellness packages
• 401K with company match
• Competitive pay and paid time off
• Full flex work weeks where possible
• Variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.
• Short and long-term disability benefits
• Life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance