Junior Cyber Security Analyst

About The Position

Requirements

• U.S. Citizen.
• Obtain a DoD 8140 IAT Level II Security+ (or higher) within 30 days.
• Ability to work five days per week onsite at Fort Meade, MD.
• Foundational knowledge of cyber security principles, vulnerability management, and security operations.
• Basic technical understanding of client-server architecture, Active Directory, and operating systems, specifically Windows Server and Red Hat Enterprise Linux (RHEL).
• Strong data analysis and spreadsheet skills (e.g., MS Excel) for organizing, filtering, and tracking large datasets of vulnerability scans and compliance checklists.
• Basic conceptual understanding of cloud networking (subnets, network security groups, firewalls) within a Microsoft Azure environment.
• Familiarity with DoD RMF, ATO support, POA&Ms, STIGs, and continuous monitoring concepts.
• Ability to review vulnerability scan results, security findings, and compliance artifacts under the guidance of senior security staff.
• Ability to assist with maintaining cyber security documentation, evidence repositories, meeting notes, trackers, and status reports.
• Ability to collaborate with technical teams, including cloud engineers, system administrators, and security personnel.
• Strong attention to detail and ability to follow documented processes for artifact review, finding validation, and remediation tracking.
• Strong problem-solving and decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution.
• Highly developed interpersonal and oral/written communication skills, with the ability to effectively and professionally interact with a diverse set of stakeholders (from peers to end-users to executive management).

Responsibilities

• Assist with vulnerability management activities, including reviewing ACAS/Nessus scan results, tracking findings, and coordinating remediation status with technical teams.
• Assist with reviewing and validating DISA STIG artifacts, checklists, and scan outputs for Windows, RHEL, and Azure environments.
• Assist with control documentation, artifact mapping, and validation of security evidence against RMF and ATO requirements.
• Support POA&M maintenance by helping update milestones, remediation status, risk statements, evidence, and closure documentation.
• Support incident response documentation, alert triage, and escalation activities as directed.
• Help collect, organize, and maintain cybersecurity artifacts needed for RMF, ATO, audits, assessments, and continuous monitoring.
• Monitor or assist with security tools such as Microsoft Sentinel, Trellix, Microsoft Defender for Cloud, ACAS, and related dashboards.
• Perform recurring log analysis within Azure Sentinel to identify anomalous events.
• Help document security findings, remediation actions, meeting notes, action items, and compliance status updates.
• Coordinate with cloud engineers, system administrators, and cybersecurity personnel to gather evidence and track remediation progress.
• Participate in recurring cybersecurity, vulnerability management, POA&M, and ATO status meetings.
• Maintain accurate trackers, repositories, reports, and documentation used to support the security posture of the Azure environment.
• Other duties, as assigned.