Information Assurance (IA) Analyst Location: Washington, DC Metro Area
Clearance Requirement: TS
Experience Requirement: Minimum 10 years of demonstrable experience
Position Summary
We are seeking a highly skilled
Information Assurance (IA) Analyst to support cybersecurity and compliance efforts within a fast-paced, mission-critical environment. The ideal candidate will have extensive experience with the
Authority to Operate (ATO) process, cybersecurity frameworks, and compliance tools. This role requires hands-on expertise in implementing security controls, risk assessment, and maintaining compliance within cloud-based and on-prem environments, particularly
AWS.
Key Responsibilities
- Lead the Authority to Operate (ATO) lifecycle from initial requirements through continuous monitoring, including RMF, FedRAMP, and NIST compliance.
- Develop and maintain security documentation, including System Security Plans (SSP), Security Assessment Reports (SAR), and Plans of Action & Milestones (POA&M).
- Conduct security impact assessments and vulnerability management to ensure compliance with security requirements.
- Utilize ATO tools and frameworks such as eMASS, Xacta, Nessus, and Splunk to monitor, assess, and document security controls.
- Perform risk management activities, including security impact analysis, risk assessments, and mitigation strategies.
- Collaborate with system owners, ISSOs, ISSMs, and other cybersecurity personnel to ensure adherence to security policies and best practices.
- Support AWS cloud security compliance efforts, ensuring adherence to DoD, NIST, and FedRAMP standards.
- Stay current with evolving security policies, emerging threats, and best practices for continuous improvement.
Required Qualifications
- 10+ years of experience in Information Assurance (IA), cybersecurity, or a related field.
- Extensive knowledge of NIST 800-53, RMF, FedRAMP, and other cybersecurity compliance frameworks.
- Hands-on experience with ATO processes, including security control implementation, documentation, and assessment.
- Proficiency in ATO tools such as eMASS, Xacta, Nessus, ACAS, and Splunk.
- Experience working with AWS security and compliance requirements in a government or highly regulated environment.
- Strong analytical, documentation, and communication skills.
- Relevant cybersecurity certifications (e.g., CISSP, CAP, CISM, Security+ CE) preferred.
Desired Qualifications
- Experience working in a DoD or federal agency environment.
- Knowledge of container security, Zero Trust Architecture (ZTA), and automation for compliance reporting.
- Familiarity with continuous monitoring and DevSecOps security practices.
S2 Technologies is dedicated to inclusivity and opportunity for all applicants. We ensure fair consideration for all qualified applicants and champion equal employment opportunities for disabled veterans. Applicants living in a HubZone designated area receive preferential selection when meeting all other required qualifications.
