Security Analyst

Credera Experienced Hiring
On-site
Dallas, Texas, United States

The Security Analyst supports a Department of Defense (DoD) cloud-based system operating at Impact Level 4 (IL4) in AWS GovCloud, with an active Authority to Operate (ATO) under the Risk Management Framework (RMF). The analyst ensures ongoing compliance and security through continuous monitoring, vulnerability management, and support for secure development and change management practices.

This role works closely with a Security Architect and other technical and program management leaders to ensure the security posture of the system throughout its lifecycle.

Key Responsibilities:

  • Perform continuous monitoring of system security controls as required by RMF, including regular review of logs, alerts, and security events in AWS GovCloud IL4 environments.
  • Conduct and analyze vulnerability assessments using automated tools (e.g., Evaluate-STIG), interpret scan results, and coordinate remediation with technical teams.
  • Manage and update RMF documentation (SSP, SAR, POA&M), ensuring it accurately reflects current system status, vulnerabilities, and remediation actions to support ATO renewals and audits.
  • Participate in change management and secure development processes, reviewing new features and modifications for security impacts.
  • Support and document threat modeling activities for new or updated system features, identifying risks and recommending mitigations.
  • Operate within GRC tools (e.g., eMASS) to maintain assessment evidence, track findings, and manage compliance activities.
  • Collaborate with and support the Security Architect, system owners, ISSOs, engineers, developers, and program management stakeholders to gather evidence, resolve findings, and ensure secure implementation of system changes.
  • Prepare and deliver clear, concise security reports and briefings to technical and non-technical stakeholders.
  • Remain current on evolving DoD cybersecurity requirements, NIST guidance, AWS GovCloud best practices, and emerging threats.

Required Skills and Experience:

  • Experience supporting RMF processes and maintaining compliance documentation (NIST 800-53 rev4, ATO lifecycle).
  • Hands-on experience with GRC tools (eMASS), vulnerability assessment tools (Evaluate-STIG), and AWS GovCloud services.
  • Strong analytical, problem-solving, organizational, and technical writing skills.
  • Familiarity with vulnerability management, continuous monitoring, and secure change management in cloud environments.
  • Demonstrated ability to communicate and collaborate effectively with both technical and program management teams.
  • Experience working in or with consulting organizations and/or public sector clients is highly valued.
  • At least one of the following baseline certifications is required to qualify for this role, in accordance with DoD 8140/8570 requirements for cybersecurity workforce positions (IAT Level II/III, IAM Level I/II, or CSSP Analyst/Auditor, as appropriate to assignment):
    • CompTIA Security+
    • CompTIA Cybersecurity Analyst (CySA+)
    • CAP (Certified Authorization Professional)
    • CISA (Certified Information Systems Auditor)
    • GSLC (GIAC Security Leadership Certification)
    • CISSP (Associate or full, preferred for some assignments)
    • Other DoD 8140/8570-approved certifications appropriate to the position and level
  • Candidates must maintain active certification status throughout employment. Additional or higher-level certifications may be required for advancement or based on project needs but are not necessary to apply for this role.

NICE Framework Alignment:

This position is closely aligned with the Cyber Defense Analyst (PR-CDA-001) and Vulnerability Assessment Analyst (PR-VAM-001) roles, with a strong emphasis on RMF-driven continuous monitoring, vulnerability management, and secure support for ongoing system changes in a DoD cloud environment.