Oct 24
Secret
Senior Level Career (10+ yrs experience)
IT - Security
Washington, DC (Off-Site/Hybrid)
Information Security Analyst Duties and Responsibilities:
Design, implement, and maintain secure cloud architectures within Azure Government Secret classified environments
Enforce zero trust principles, role-based access control (RBAC), and identity federation (e.g.,Azure AD B2B/B2C with CAC/PIV)
Configure and manage security controls such as Microsoft Defender for Cloud, Key Vault, Azure Policy, NSGs, and Private Endpoints
Automate compliance and security operations using PowerShell, Terraform, or ARM templates
Integrate SIEM/SOAR tools (e.g., Microsoft Sentinel for IL6) for continuous monitoring, logging, and incident response
Conduct vulnerability assessments and implement remediations aligned to NIST 800-53, DoD STIGs, and JSIG
Collaborate with mission owners, compliance teams, and developers to ensure secure DevSecOps pipelines
Support Authority to Operate (ATO) processes by generating security documentation, control evidence, and supporting audits
Navigate federal systems through the authorization process to achieve and maintain Authority to Operate (ATO)
Work with the ISSO, Program and DOC ITD IA teams to maintain the necessary security authorizations
Develop comprehensive System Security Plans (SSPs) documenting all implemented NIST 800-53 controls
Coordinate security assessments with third-party assessors
Manage Plans of Actions & Milestones (POA&Ms) for addressing identified vulnerabilities
Ensure continuous monitoring plans meet agency requirements
Prepare authorization packages for government review
Maintain ongoing compliance through change management processes
Serve as the liaison between technical teams and authorizing officials
Translate security requirements into actionable tasks
Ensure all documentation meets the rigorous standards required for federal information systems
Information Security Analyst Requirements and Qualifications:
Bachelor's degree in information systems security; master's degree or equivalent professional experience in information security is preferred
Active Secret clearance
5+ years in cloud security, including 2+ in Azure Government or DoD environments
Strong knowledge of Azure-native security tools, IL6 data handling, and cloud networking
Proficient in scripting (PowerShell, Python, or Bash) and Infrastructure as Code (ARM, Bicep, Terraform)
Experiences with DoD SRG, FedRAMP High, JSIG, and ICD 503 compliance frameworks
Hands-on experience with classified enclaves, hardened images, and enclave-to-enclave connectivity
Comprehensive knowledge of corporate Systems/Solutions Architecture processes and trends
Strong leadership, organizational, and communication skills
Secret Clearance to start
Knowledge of Agile software development process
Required Technical Skills:
SCAP, STIG, Patching, eMASS, and related RMF tools
Cybersecurity, Systems Administration, implementation of RMF tools and processes
Experience with gaining an ATO for systems and working the systems through the assessment and authorization process
Experience working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic email and access-list
Excellent communication skills
Experience working in Agile software development teams
Experience with secure development, coding and engineering practices
Experience with Cybersecurity, Information Security, and Information Technology Security processes, protocols, and procedures.
Experience
10 years of relevant experience
* may vary based on technical training, certification(s), or degree
Experience with Cloud Security
Experience working with leading firewall, network scanning and authentication technologies
Experience working with internet, web, application and network security techniques
Experience in Agile methodology
Experience in Jira to support development team in agile environment
Experience working in Federal or State government environments
Ability to work independently and remotely
Certification: Active DoD 8570 IAT Level II Certification (Security+, CISSP, CISM)
Travel Required: Little to no travel anticipated (may be required upon customer request)
Location: On-site 3 days a week at minimum.
Design, implement, and maintain secure cloud architectures within Azure Government Secret classified environments
Enforce zero trust principles, role-based access control (RBAC), and identity federation (e.g.,Azure AD B2B/B2C with CAC/PIV)
Configure and manage security controls such as Microsoft Defender for Cloud, Key Vault, Azure Policy, NSGs, and Private Endpoints
Automate compliance and security operations using PowerShell, Terraform, or ARM templates
Integrate SIEM/SOAR tools (e.g., Microsoft Sentinel for IL6) for continuous monitoring, logging, and incident response
Conduct vulnerability assessments and implement remediations aligned to NIST 800-53, DoD STIGs, and JSIG
Collaborate with mission owners, compliance teams, and developers to ensure secure DevSecOps pipelines
Support Authority to Operate (ATO) processes by generating security documentation, control evidence, and supporting audits
Navigate federal systems through the authorization process to achieve and maintain Authority to Operate (ATO)
Work with the ISSO, Program and DOC ITD IA teams to maintain the necessary security authorizations
Develop comprehensive System Security Plans (SSPs) documenting all implemented NIST 800-53 controls
Coordinate security assessments with third-party assessors
Manage Plans of Actions & Milestones (POA&Ms) for addressing identified vulnerabilities
Ensure continuous monitoring plans meet agency requirements
Prepare authorization packages for government review
Maintain ongoing compliance through change management processes
Serve as the liaison between technical teams and authorizing officials
Translate security requirements into actionable tasks
Ensure all documentation meets the rigorous standards required for federal information systems
Information Security Analyst Requirements and Qualifications:
Bachelor's degree in information systems security; master's degree or equivalent professional experience in information security is preferred
Active Secret clearance
5+ years in cloud security, including 2+ in Azure Government or DoD environments
Strong knowledge of Azure-native security tools, IL6 data handling, and cloud networking
Proficient in scripting (PowerShell, Python, or Bash) and Infrastructure as Code (ARM, Bicep, Terraform)
Experiences with DoD SRG, FedRAMP High, JSIG, and ICD 503 compliance frameworks
Hands-on experience with classified enclaves, hardened images, and enclave-to-enclave connectivity
Comprehensive knowledge of corporate Systems/Solutions Architecture processes and trends
Strong leadership, organizational, and communication skills
Secret Clearance to start
Knowledge of Agile software development process
Required Technical Skills:
SCAP, STIG, Patching, eMASS, and related RMF tools
Cybersecurity, Systems Administration, implementation of RMF tools and processes
Experience with gaining an ATO for systems and working the systems through the assessment and authorization process
Experience working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic email and access-list
Excellent communication skills
Experience working in Agile software development teams
Experience with secure development, coding and engineering practices
Experience with Cybersecurity, Information Security, and Information Technology Security processes, protocols, and procedures.
Experience
10 years of relevant experience
* may vary based on technical training, certification(s), or degree
Experience with Cloud Security
Experience working with leading firewall, network scanning and authentication technologies
Experience working with internet, web, application and network security techniques
Experience in Agile methodology
Experience in Jira to support development team in agile environment
Experience working in Federal or State government environments
Ability to work independently and remotely
Certification: Active DoD 8570 IAT Level II Certification (Security+, CISSP, CISM)
Travel Required: Little to no travel anticipated (may be required upon customer request)
Location: On-site 3 days a week at minimum.
group id: asdinc
