Information Security Analyst

Cryptic Vector•Miamisburg, OH

4d•Onsite

About The Position

At Cryptic Vector, the company is dedicated to mission success by understanding customer needs and delivering high-performing products for the United States government. The company focuses on creating a culture where top talent can grow, learn, and stay, solving unique problems in an environment that values problem solvers and hard workers, replacing corporate red tape with transparency and servant leadership. The Information Security Analyst (Classified Systems) will support compliance, auditing, and documentation activities for classified information systems. This role involves serving as the Information System Security Officer (ISSO) for assigned systems, focusing on the full Risk Management Framework (RMF) lifecycle, including security control assessments, continuous monitoring, and system authorization (ATO) maintenance. The analyst will collaborate closely with system owners, engineers, and the Information System Security Manager (ISSM) to ensure classified systems remain compliant and mission-ready. This position offers a meaningful opportunity to protect high-stakes classified environments by ensuring robust security posture, driving compliance excellence, and directly supporting critical national security missions.

Requirements

2–5+ years of experience supporting classified information systems or RMF compliance activities
Active Top Secret Clearance with SCI eligibility. A Polygraph is not required to be eligible for this position. However, the applicant must be willing and eligible for submission, depending on program requirements, after an offer is accepted and must be able to maintain the applicable clearance/access.
DoD 8140-compliant or equivalent legacy 8570 certifications (e.g. Sec+, CISSP)
Hands-on experience with RMF documentation and compliance tools, such as eMASS, STIG Viewer, SCAP
Knowledge of NIST SP 800-53 controls, security control implementation, and auditing practices
Familiarity with classified environments and government security processes
Strong attention to detail and ability to manage compliance documentation accurately
Completion of applicable DCSA training for classified RMF and system authorization within 90 days of hire

Nice To Haves

Experience with hardening various OSs (Windows and Linux)
Prior experience performing ISSO or compliance responsibilities in a government or contractor environment
Experience with centralized logging systems (e.g. Graylog)
Experience with vulnerability scanners (Wazuh)
Understanding of JSIG/DCSA requirements

Responsibilities

Act as ISSO for classified systems, supporting the RMF lifecycle, including: Security control assessments, System authorization (ATO) maintenance, Continuous monitoring and reporting
Manage and maintain RMF documentation in eMASS or manually (based on customer requirements), including: System Security Plans (SSP), Security Control Traceability Matrices (SCTM), Risk Assessment Reports (RAR), Plans of Action & Milestones (POA&M)
Conduct and document vulnerability assessments using tools such as: SCAP Compliance Checker, STIG Viewer
Perform audits and reviews to verify compliance with applicable security controls and standards, including: NIST SP 800-53, JSIG/DISA guidance (as applicable), DCSA requirements
Maintain asset inventory and configuration documentation for classified systems
Track findings and coordinate remediation with system owners, system admins, and ISSM
Support inspections, audits, and government assessments for classified systems
Stay current on RMF guidance, cybersecurity standards, and government training requirements (e.g., DCSA CBTs)