Senior Information Assurance / Cyber Analyst

Concept Plus

$90K — $130K *
US-AnywhereRemote in United States
Aerospace & Defense
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • US Citizenship Required
  • Ability to obtain and/or maintain a Secret Clearance
  • DoD 8140 intermediate certification or IAM Level II certifications
  • Bachelor's degree in Cybersecurity, IT, or related field
  • 5-7 years of experience in Federal and DoD cybersecurity compliance
  • Expert knowledge of DoD/Air Force cybersecurity mandates
  • Hands-on proficiency with cybersecurity tools like eMASS and Nessus

Responsibilities

  • Support the ISSM by managing the RMF package lifecycle with eMASS
  • Develop and update all required RMF documentation
  • Conduct continuous monitoring and analyze vulnerability scans
  • Coordinate security engineering input and implement security controls
  • Track cybersecurity incidents and ensure timely remediation
  • Document and report on cybersecurity performance
  • Act as a cybersecurity subject matter expert for the program

Benefits

  • Collaborative work environment within a defense-focused team
  • Opportunity to work closely with government and military stakeholders
  • Involvement in critical Air Force cybersecurity initiatives
  • Access to continuous learning and professional development in cybersecurity
  • Exposure to advanced tools and technologies in a robust cybersecurity setting
Full Job Description
About the role

Concept Plus is seeking a highly experienced Senior Information Assurance (IA) Cyber Analyst to join our team supporting a critical Air Force program. The program's systems are deployed across classified and unclassified environments, hosted in both DISA data centers and the cloud.

The successful candidate will be responsible for supporting the government Information System Security Manager (ISSM) in maintaining the system's cybersecurity posture in accordance with DoD and Air Force policies.

You will be responsible for preparing and maintaining the Risk Management Framework (RMF) package, conducting continuous monitoring, and working closely with technical teams to ensure security is integrated throughout the entire system's lifecycle. This role is pivotal in supporting the system's Authority to Operate (ATO) and ensuring robust security from development through production.

What you'll do

  • Support the ISSM by preparing and maintaining the system's RMF package throughout its lifecycle using the eMASS tool.
  • Develop, maintain, and update all required RMF documentation (SSP, SAR, POA&Ms, ISCM Plan, etc.).
  • Conduct continuous monitoring, analyze vulnerability scan results, and track the remediation of vulnerabilities by applying DISA STIGs and IAVM-directed patches.
  • Coordinate security engineering input into system designs and the implementation of security controls.
  • Analyze results from SAST/DAST security scans (e.g., SonarQube, Checkmarx) and collaborate with the development team on remediation.
  • Track and respond to cybersecurity incidents, ensuring timely reporting and effective recovery efforts.
  • Ensure compliance with security requirements such as two-factor authentication, data-at-rest encryption, and FIPS standards.
  • Document and report on cybersecurity performance, contributing to artifacts like the Software Cybersecurity Release Report
  • Act as a primary cybersecurity subject matter expert, providing guidance and support to the ISSM and program leadership.
  • Participating in Agile/DevSecOps development cycles, ensuring security is integrated from concept to deployment.
  • Review and validate system architecture, configuration changes, and release plans for security impacts.
  • Prepare for and participate in security assessments, audits, and inspections.
  • Liaise with external security stakeholders and accrediting authorities as directed.


Required Qualifications

  • US Citizenship Required
  • Ability to obtain and/or maintain a Secret Clearance
  • DoD 8140 intermediate certification or DoD 8570 IAM Level II certifications or higher
  • Bachelor's degree in Cybersecurity, Information Technology, or a related field.
  • Must meet DoD 8140 (formerly 8570) IAM Level II certification requirements (e.g., CISSP, CISM, CASP+ CE).
  • 5-7 years of experience in Federal and DoD cybersecurity compliance.
  • Expert knowledge of DoD/Air Force cybersecurity mandates, including RMF, DISA STIGs, and the IAVM process.
  • Hands-on proficiency with cybersecurity tools such as eMASS, Nessus, SonarQube, and/or Checkmarx.
  • Strong understanding of NIST 800-53 security controls.


Preferred Qualifications

  • Experience in a U.S. Air Force program environment.
  • Knowledge of specific Air Force policies such as AFMAN 17-1301 and 17-1303.
  • Hands-on experience with additional security tools like Trivy or Dependency Track.
  • Experience securing systems in an AWS GovCloud environment.
  • Experience working in an Agile development environment.

Similar Jobs

More Jobs at Concept Plus

More Aerospace & Defense Jobs

Find similar Senior Information Assurance / Cyber Analyst jobs: