Associate Information Technology Security Analyst with Security Clearance

---

Job description

Vision IT is a fast growing, woman-owned business that's supported DoD and Federal Sector IT initiatives for two decades. We work side-by-side with our clients as a trusted, long-term partner offering innovative consultation and leadership to solve their most pressing and complex problems. We orchestrate people, strategies, technologies and best-of-breed business processes. Summary of position: We are seeking an experienced Associate Information Technology Security Analyst who is responsible for the daily operations of conducting routine Information Assurance (IA) audits on all Information Systems (IS). This role involves evaluating systems for compliance with the Risk Management Framework (RMF) 800-53 Controls and Special Directives, assisting in continuous monitoring within eMASS, and providing critical support for Certification and Accreditation (C&A) activities. Duties & Responsibilities: Conduct routine IA audits to ensure appropriate IA security controls are applied and maintained across all Information Systems (IS).
Evaluate IS compliance in alignment with RMF 800-53 Controls and Special Directives.
Assist in continuous monitoring of RMF packages within eMASS, including managing Plan of Actions and Milestones (POA&Ms), Test Results, and Risk Assessments.
Record and prepare artifacts associated with audits to maintain a current repository of all RMF documentation.
Provide C&A support by conducting risk and vulnerability assessments and developing security and contingency plans.
Utilize NIST Special Publications (800 Series) as references for C&A, system security plans, and risk assessments.
Create, edit, and review organizational and team-level documentation for clarity and accuracy, including security-related Tactics, Techniques, and Procedures (TTPs), Standard Operating Procedures (SOPs), and plans.
Employ automated security scanning tools (SCAP, ACAS, BNA, etc.) to identify potential vulnerabilities.
Analyze findings and report them to technical teams and leadership for appropriate tracking and mitigation.
Research Requests for Information (RFIs) from technical teams regarding DISA STIG checklists and regulations.
Clearly explain security requirements to systems administrators to ensure proper understanding.
Review proposed actions from technical teams, recommending the most secure options while balancing operational requirements.
Assist in identifying, tracking, and remediating security risks discovered on information systems.
Prepare and deliver detailed written reports and oral presentations to senior leaders and staff within the RCC-C.
Coordinate with internal and external entities to enhance established processes, ensuring efficient execution of analysis, tracking, mitigation, and reporting.
Work directly with cross-functional teams and management to resolve compliance issues.
Support or lead special projects as required.
Complete other duties assigned by management. Required Qualifications: Active Secret Clearance
Experience with Risk Management Framework (RMF) and vulnerability management.
Education and Experience:
High School diploma + 4 years of IT/Cyber experience Associate's degree + 2 years of IT/Cyber experience Bachelor's degree + 2 years of IA/IT experience Knowledge of network-specific DISA Security Technical Implementation Guides (STIGs) and checklists.
Familiarity with asset scanning techniques.
Experience performing audits within a DoD organization.
Exceptional communication and interpersonal skills.
Knowledge of eMASS.
Work Environment: Normal office setting.
Ability to maintain awareness during scheduled working hours.
Prolonged periods of sitting or standing at a desk and working on a computer.
Ability to lift up to 15 pounds.
Physical and Mental Qualifications: Excellent verbal and written communication skills with a strong command of the English language.
Ability to execute tasks independently and work collaboratively as part of a team.
Strong organizational skills and self-management abilities.
Capability to learn and memorize routine tasks.
Vision IT provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Vision IT complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. Vision IT expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of Vision IT's employees to perform their job duties may result in discipline up to and including discharge.

<!– job description page –>