Job Description:
We are seeking an experienced IT Security Analyst with deep knowledge of FedRAMP, Department of Defense, Federal Government, or Aerospace & Defense cloud security requirements. The selected candidate will support the creation, maintenance, and execution of FedRAMP-mandated security documentation and compliance frameworks in a highly regulated cloud environment.
Key Responsibilities:
Create, update, and maintain FedRAMP security documentation, artifacts, and Continuous Monitoring (CONMON) items including POA&Ms.
Analyze systems for cybersecurity compliance and identify corrective actions.
Collaborate with cloud operations and security teams to resolve vulnerabilities.
Support system categorization, ATO (Authorization to Operate), and risk assessment activities.
Provide guidance based on evolving FedRAMP, NIST, and DoD cybersecurity policies and procedures.
Utilize tools such as NESSUS, Splunk, and application scanners for security reviews.
Interpret and assess network diagrams and system specifications using Microsoft Visio.
Create and review technical documents and ensure security documentation is clear, complete, and compliant.
Required Qualifications:
Must have prior experience in Department of Defense, Federal Government, or Aerospace & Defense cloud security
5+ years of experience in Cybersecurity and Security Analysis
Hands-on experience with FedRAMP documentation (CONMON, POAM, SSP, etc.)
Deep knowledge of security scanning tools (e.g., NESSUS, Splunk, application security scanners)
Strong understanding of DISA STIGs, SRGs, CNSSI 1253, and NIST RMF
Experience with risk assessment methodologies and frameworks including NIST 800-53, 800-171, and DoD RMF
Familiarity with cloud environments, compliance assessments, and vulnerability management
Proficiency with Microsoft Visio for diagramming and documentation
Strong written and verbal communication skills
Bachelor's degree in Computer Science, Information Systems, or a related field
Preferred Qualifications:
Relevant certifications (e.g., CISSP, CISM, CEH, Security+)
Experience supporting Testing, Development, and Pre-Production environments
Familiarity with DFARS, FISMA, and cloud compliance initiatives
To Apply:
Please submit your updated MS Word resume, along with the following details:
Years of experience in Cybersecurity, FedRAMP, DISA STIG, and Risk Management Framework
List of clients/projects with FedRAMP involvement
Experience with security tools (NESSUS, Splunk, etc.)
Certifications held