Vista Defense Technologies is seeking a Cyber Security Analyst This position is a full-time, 40-hour/week contract position supporting the Information Management Division of William Beaumont Army Medical Center (WBAMC). The successful applicant will work as a team to provide a full range of IT services necessary to deliver cybersecurity support and services. The prospective new hire will provide updated documentation through a system of record and review documentation as required to maintain accuracy (Service Now). Responsibilities Provide cybersecurity vulnerability remediation and mitigation support for all detected/known vulnerabilities across all applicable WBAMC assets. Shall remediate these vulnerabilities within any defined suspense date (i.e., Cyber Command IAVA, DoD/DHA taskord, DoD Control Correlation Identifier (CCI)). Shall provide mitigation strategies where remediation of the vulnerability cannot be executed prior to suspense date. Shall provide a Plan of Action with Milestone (POA&M) tasks and dates to the WBAMC Information Systems Security Manager (ISSM) no later than 10 business days prior to the vulnerability remediation suspense date for acceptance and tracking. Shall include in the POA&M, documented mitigations that are applied or will be applied to reduce that vulnerabilities risk of exploitation and impact to the severity of the vulnerability while they work to remediate the vulnerability. Shall have a strong background in information assurance policies and procedures, software/system/enclave authorization and accreditation, development of systems/software architecture, security risk analysis, risk mitigation reporting, and vulnerability analysis and assessment. Shall perpetuate WBAMC ATO process by reviewing, submitting and tracking the status of the Authority to Operate (ATO) packages for WBAMC and its subordinate organizations. Shall evaluate existing mission systems to provide analysis on Risk Management Framework (RMF) documentation/artifacts to ensure compliance with AR 25-1, 25-2, DODI 8510, NIST SP 800-53, and current Best Business Practices (BBP). Shall be responsible for running Assured Compliance Assessment Solution (ACAS) scans for vulnerabilities, the Contractor will also be responsible for running SCC System Capabilities Analytic Process (SCAP) scans for vulnerabilities, to include testing and documenting software and hardware for both Assess Only and ATOs processes. Shall provide technical support on Vulnerability Assessments, perform vulnerability scans of selected systems, and provide technical support to organizations on the use of Army-approved vulnerability scanning software packages. Qualifications Must be a U.S. citizen Must possess or be able to attain a Government T3 Secret security clearance. Certifications REQUIRED: at a minimum, CompTIA Security AND an environment certification such as Network or Server . Experience providing IT customer support in a professional setting