Cybersecurity Analyst

Support the full Risk Management Framework (RMF) lifecycle, including control identification, tailoring, and evidence collection. Develop, maintain, and validate Authorization to Operate (ATO) packages, ensuring all artifacts are current and traceable in eMASS. Support security assessments and audits, ensuring system configurations meet DoD and DISA STIG/SRG baselines. Coordinate Tier 3 cybersecurity support, analyzing incidents, escalating unresolved vulnerabilities, and applying mitigations. Develop and update System Security Plans (SSPs), Security Assessment Reports (SARs), and Plan of Action and Milestones (POA&Ms). Track vulnerability remediation status and report compliance metrics to leadership and system owners. Assist in developing Continuous Monitoring Strategies and dashboards that align with DoD cybersecurity directives. Participate in technical reviews to ensure security considerations are integrated into design and sustainment phases. Collaborate with engineers, administrators, and auditors to close findings and maintain ATO compliance across IL environments. Conduct continuous vulnerability scanning using Tenable ACAS, AWS Inspector, or equivalent tools, and validate remediation effectiveness. Review and analyze audit logs for unauthorized activity, configuration drift, and potential security incidents. Manage and track encryption key rotation, certificate renewals, and credential lifecycle to ensure data protection compliance. Validate system and application patches to ensure proper deployment, configuration alignment, and functional stability. Correlate scan and log data to identify patterns and potential risks across cloud and hybrid infrastructure. Support incident response activities through forensics analysis and coordinated remediation actions. Assist in maintaining SIEM dashboards, ensuring timely alerts and accurate risk categorization. Generate reports summarizing vulnerabilities, patch compliance, and audit results for leadership and stakeholders. Recommend and implement security automation enhancements to streamline scanning, alerting, and reporting functions. Contribute to the Continuous Service Improvement (CSI) process by identifying recurring issues and suggesting mitigation strategies.