Today
Secret
Unspecified
Unspecified
IT - Security
Remote/Hybrid• (Off-Site/Hybrid)
Job Title: Security Analyst-Mid Level
Job Category: IT
Location: Remote- Must reside within the DMV Area
Clearance: Active Secret Clearance
SHR is a premier technology integrator solving our nation's most complex modernization and readiness challenges across the defense, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and AI. With an intimate understanding of our customers' challenges and deep expertise in existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions.
The Security Analyst (Mid-Level) supports cybersecurity operations in a Department of Defense (DoD) environment, focusing on Risk Management Framework (RMF) compliance, vulnerability management, and data-driven security analysis. The analyst will leverage ACAS, SCAP, and STIG tools to monitor and assess system configurations, perform security trending, and ensure systems meet DoD cybersecurity standards.
Job Responsibilities:
Required Qualifications:
Desired Skills:
Education:
Certifications:
Why Join Us:
At SHR, we foster an environment that promotes growth, innovation, and continuous learning. As a valued member of our team, you will:
Join us and make a difference!
Job Category: IT
Location: Remote- Must reside within the DMV Area
Clearance: Active Secret Clearance
SHR is a premier technology integrator solving our nation's most complex modernization and readiness challenges across the defense, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and AI. With an intimate understanding of our customers' challenges and deep expertise in existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions.
The Security Analyst (Mid-Level) supports cybersecurity operations in a Department of Defense (DoD) environment, focusing on Risk Management Framework (RMF) compliance, vulnerability management, and data-driven security analysis. The analyst will leverage ACAS, SCAP, and STIG tools to monitor and assess system configurations, perform security trending, and ensure systems meet DoD cybersecurity standards.
Job Responsibilities:
- Perform ongoing security analysis and compliance assessments under the DoD Risk Management Framework (RMF) processes, including continuous monitoring, POA&M management, and risk assessments.
- Utilize ACAS (Assured Compliance Assessment Solution) and Tenable tools to perform vulnerability scanning, trending, and reporting of system compliance posture.
- Conduct STIG and SCAP compliance checks on network devices, servers, and applications, coordinating remediation with system owners.
- Develop data visualizations and trend analyses using Microsoft Power BI and Microsoft Excel to identify recurring vulnerabilities and track mitigation progress.
- Prepare briefing materials and communicate technical issues, risks, and recommendations to customer leadership, engineering teams, and program managers.
- Collaborate with information system owners to ensure systems achieve and maintain Authorization to Operate (ATO) and meet continuous monitoring requirements.
- Participate in incident response efforts, investigations, and after-action reporting to improve future preparedness.
Required Qualifications:
- Minimum of 3 years of experience with DoD RMF processes supporting NIST SP 800-53 and CNSSI 1253 compliance.
- Demonstrated experience with ACAS, SCAP Compliance Checker, and implementation of DISA STIGs.
- Experience using Power BI or Microsoft Office Suite to produce analytical reports and dashboards.
- Proven skill in risk management activities, including developing, tracking, and resolving POA&Ms and conducting formal risk assessments.
- Strong communication and presentation abilities to effectively brief customers and technical teams.
- Experience working within DoD network environments or Federal compliance programs.
Desired Skills:
- Familiarity with eMASS, Azure, AWS, and OCI Government, or other cloud compliance frameworks within the DoD sector.
- Understanding of SIEM tools and ability to integrate vulnerability and compliance data into enterprise dashboards.
- Strong analytic mindset to identify trends, anticipate risks, and propose risk mitigation strategies.
Education:
- Bachelor's degree in Cybersecurity, Information Technology, or related field, or equivalent experience.
Certifications:
- Possess an active DoD 8140.03 certification, such as Security+, CEH, CySA+, or CISSP.
Why Join Us:
At SHR, we foster an environment that promotes growth, innovation, and continuous learning. As a valued member of our team, you will:
- Contribute to impactful government initiatives that enhance national security and public welfare.
- Work in a collaborative, flexible, and forward-thinking work environment.
- Receive competitive compensation, comprehensive benefits, and career development opportunities.
Join us and make a difference!
group id: 10409777