Information Security Analyst (Mid-Level / Journeyman)

• Monitor enterprise systems for anomalous events using security monitoring platforms, SIEM, and endpoint tools
• Create, update, and escalate incident cases and tickets through the SOC ticketing and incident tracking systems
• Apply antivirus, intrusion detection, and vulnerability assessment tools and maintain signature policies
• Analyze ISS reports and coordinate reporting of ISS-related incidents
• Respond to and validate IDS/IPS alerts; tune SIEM events to minimize false positives

• Conduct comprehensive vulnerability assessments of ARNG sites, enclaves, and systems
• Execute CDAP penetration testing missions including Network Assistance Visits (NAVs) and Persistent Penetration Testing (PPT)
• Perform web vulnerability assessments, phishing campaigns, and network penetration testing using approved CDAP tools
• Analyze vulnerability scan results using ACAS and document findings with remediation recommendations
• Implement STIGs within 30 days of new DISA STIG releases and maintain secure baseline configurations

• Support CMMC controls assessments and maintain compliance documentation in eMASS
• Develop and maintain POA&Ms for non-compliant controls and track remediation to closure
• Ensure all systems meet DISA STIG, IAVM, and FISMA compliance requirements
• Assist in preparation of cybersecurity test results, compliance reports, and vulnerability scan analyses
• Support DoD RMF lifecycle activities including Assessment & Authorization (A&A) and re-authorization

• Support ARNG CHAP activities including CORA preparatory meetings, deep dives, and state assessments
• Build ACAS and AESS scorecards and incorporate results into weekly briefings
• Provide guidance to ARNG states on CORA requirements and cybersecurity best practices
• Participate as an active member of Cyber Hygiene Assessment Teams (CHAT) and Site Assistance Visit (SAV) teams

• Active Top Secret security clearance
• Bachelor's degree in Cybersecurity, Computer Science, or related field (or equivalent experience)
• 4–8 years of experience in information security, vulnerability assessment, or penetration testing
• Security (DoD 8570/8140 IAT Level II minimum)
• Demonstrated experience with vulnerability scanning tools (ACAS/Nessus or equivalent)
• Working knowledge of DISA STIGs, RMF, IAVM compliance, and eMASS
• Experience conducting penetration testing or red team/blue team operations
• Familiarity with SIEM platforms and IDS/IPS technologies

• CISSP, CySA , CEH, OSCP, or equivalent advanced security certifications
• Experience with CDAP methodology, CORA assessments, or Army CHAP program
• CMMC Certified Assessor (CCA) or CMMC Certified Professional (CCP)
• Experience supporting Army National Guard, NETCOM, or ARCYBER environments
• Familiarity with AESS, ACAS, and DoDIN-A(NG) network architecture
• TS/SCI clearance

• Competitive compensation package and comprehensive benefits
• Certification support and professional development funding
• Mission-critical work supporting the Army National Guard enterprise
• Growth opportunities within an expanding DoD cybersecurity program

Salary : $138,000 - $155,000