Cybersecurity Analyst

Overview

DecisionPoint seeks two Cybersecurity Analysts to provide advanced cybersecurity operations, compliance management, and continuous monitoring support for a large-scale Department of Defense (DoD) enterprise environment. These positions play a critical role in sustaining cyber defense readiness, ensuring systems maintain RMF accreditation, STIG compliance, and continuous monitoring posture across IL2–IL5 environments. 

One analyst will focus on RMF/ATO documentation and Tier 3 operational support, while the other will concentrate on vulnerability management, audit log review, and patch compliance validation. Both roles support ongoing modernization and defense initiatives that enable secure, mission-ready operations. 

These positions are fully remote. 

Note: By applying to this position, you acknowledge and consent to having your resume included in an active competitive government contract bid. 

Duties & Responsibilities

Cybersecurity Analyst – RMF/ATO Support & Tier 3 Operations: 

• Support the full Risk Management Framework (RMF) lifecycle, including control identification, tailoring, and evidence collection. 

• Develop, maintain, and validate Authorization to Operate (ATO) packages, ensuring all artifacts are current and traceable in eMASS. 

• Support security assessments and audits, ensuring system configurations meet DoD and DISA STIG/SRG baselines. 

• Coordinate Tier 3 cybersecurity support, analyzing incidents, escalating unresolved vulnerabilities, and applying mitigations. 

• Develop and update System Security Plans (SSPs), Security Assessment Reports (SARs), and Plan of Action and Milestones (POA&Ms). 

• Track vulnerability remediation status and report compliance metrics to leadership and system owners. 

• Assist in developing Continuous Monitoring Strategies and dashboards that align with DoD cybersecurity directives. 

• Participate in technical reviews to ensure security considerations are integrated into design and sustainment phases. 

• Collaborate with engineers, administrators, and auditors to close findings and maintain ATO compliance across IL environments. 

 Cybersecurity Analyst – Continuous Monitoring & Compliance: 

• Conduct continuous vulnerability scanning using Tenable ACAS, AWS Inspector, or equivalent tools, and validate remediation effectiveness. 

• Review and analyze audit logs for unauthorized activity, configuration drift, and potential security incidents. 

• Manage and track encryption key rotation, certificate renewals, and credential lifecycle to ensure data protection compliance. 

• Validate system and application patches to ensure proper deployment, configuration alignment, and functional stability. 

• Correlate scan and log data to identify patterns and potential risks across cloud and hybrid infrastructure. 

• Support incident response activities through forensics analysis and coordinated remediation actions. 

• Assist in maintaining SIEM dashboards, ensuring timely alerts and accurate risk categorization. 

• Generate reports summarizing vulnerabilities, patch compliance, and audit results for leadership and stakeholders. 

• Recommend and implement security automation enhancements to streamline scanning, alerting, and reporting functions. 

• Contribute to the Continuous Service Improvement (CSI) process by identifying recurring issues and suggesting mitigation strategies. 

Qualifications

Clearance Requirement: 

• Must hold an active Top Secret clearance. 

Education: 

• Bachelor’s degree in Cybersecurity, Information Systems, or a related technical field. 

Experience: 

• Minimum 5 years of experience in cybersecurity operations, compliance, or risk management within DoD or federal environments. 

• Hands-on experience with RMF/ATO processes, continuous monitoring, and vulnerability scanning tools. 

• Proven understanding of IL-classified cloud environments, compliance reporting, and control implementation. 

Technical Knowledge: 

• Strong knowledge of DoDI 8510.01 (RMF), NIST SP 800-53, and DISA STIG/SRG frameworks. 

• Experience with eMASS, Tenable ACAS, AWS Inspector, or Splunk. 

• Familiarity with security event correlation, log aggregation, and SIEM tools. 

• Understanding of Zero Trust architecture, encryption, and key management principles. 

• Proficiency in interpreting vulnerability scan results, logs, and configuration compliance reports. 

• Experience in AWS GovCloud or similar IL4/IL5 environments preferred. 

Certifications (Preferred): 

• CompTIA Security+ CE (Required for DoD 8570 IAT II compliance). 

• Certified Information Systems Security Professional (CISSP) or Certified Ethical Hacker (CEH). 

• AWS Certified Security – Specialty or equivalent. 

Skills: 

• Strong analytical and problem-solving skills with attention to operational detail. 

• Excellent written and verbal communication, especially for RMF documentation and compliance reporting. 

• Ability to collaborate across cross-functional teams in a fast-paced environment. 

• Skilled in prioritizing remediation tasks and ensuring timely closure of findings. 

• Commitment to proactive risk reduction, secure modernization, and continuous compliance. 

Our Equal Employment Opportunity Policy

• EEO and Affirmative Action Policy: DecisionPoint Corporation is an Equal Employment Opportunity and Affirmative Action employer. It is the policy of DecisionPoint Corporation to provide equal employment opportunity in accordance with all applicable Equal Employment Opportunity/Affirmative Action laws, directives and regulations to all employees and qualified applicants without regard to race, ethnicity, color, religion, national origin, sex, age, disability status, pregnancy, sexual orientation, gender identity, genetic information, protected veteran status, or any other protected status under Federal, State or Local laws.
• Pay Transparency Policy: In accordance with Presidential Executive Order 13665, DecisionPoint Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.
• Authorization to Share Resume and Personal Information: By expressing your interest and submitting your resume for this position, you authorize DecisionPoint Corporation to share your resume, as well as personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should DecisionPoint Corporation. or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.