About the Role:
The candidate will serve as a Cyber Analyst supporting continuous cybersecurity monitoring, vulnerability analysis, and risk mitigation for a federal cybersecurity modernization program. They will operate within a multi-cloud General Support System (GSS) spanning AWS GovCloud, Azure Government Community Cloud (GCC), Google Cloud Platform (GCP), and centralized cloud administration, identifying and triaging security risks, threats, and vulnerabilities affecting agency networks, systems, and applications.
The ideal candidate will bring hands-on experience with cloud-native continuous monitoring tooling and a strong working knowledge of the NIST Risk Management Framework (RMF). They will translate findings from AWS Security Hub, Microsoft Defender for Cloud, and GCP Security Command Center into actionable intelligence and measurable risk reduction, working alongside the program's automation engineers and architects.
They will support the program's transition from manual, document-driven compliance to engineering-driven Governance, Risk, and Compliance (GRC) by validating automated compliance checks, contributing to Policy-as-Code (PaC) workflows, and feeding outputs into real-time dashboards that support operational decision-making.
Role Responsibilities:
• Monitor, triage, and analyze alerts and findings produced by AWS Security Hub, Microsoft Defender for Cloud, GCP Security Command Center, and other DoD-approved continuous monitoring services.
• Identify and assess security risks, threats, and vulnerabilities affecting agency networks, systems, applications, and emerging technology initiatives across cloud and legacy environments; recommend mitigation measures.
• Support the design, implementation, and tuning of cybersecurity controls aligned with DoDI 8510.01 (RMF), NIST SP 800-53, and DISA STIG requirements.
• Validate the output of automated, version-controlled compliance checks executed against the Policy-as-Code (PaC) framework; investigate deviations and coordinate remediation with engineering and IA teams.
• Contribute to enterprise-wide cybersecurity requirements derived from user, policy, regulatory, and resource demands across the multi-cloud GSS.
• Support automation of security operations using Python, JSON, and AWS boto3, contributing to detection, response, and reporting workflows.
• Develop deliverables, performance metrics, and inputs to the Continuous Monitoring Dashboards supporting agency leadership reviews and quarterly governance reporting cycles.
• Contribute to KPI achievement, including real-time dashboard visibility into at least 90% of cloud-native systems where PaC is implemented and reduction in manual security enforcement activities by at least 15% within 12 months.
• Support stakeholder workshops, governance meetings, and workforce training that sustain enterprise adoption of automated controls and cross-train the agency GRC team.
Required Education & Qualifications:
• Bachelor's degree in a cybersecurity-related discipline; or any Bachelor's degree paired with a cyber-related certification of CISSP or higher.
• Five (5) years of related cybersecurity experience.
• Demonstrated experience with continuous monitoring tooling, vulnerability analysis, and cloud security operations.
• Working knowledge of NIST SP 800-53, NIST RMF, DoDI 8510.01, and DISA STIGs.
• Experience analyzing findings from cloud-native security platforms (AWS Security Hub, Microsoft Defender for Cloud, GCP Security Command Center, GuardDuty, or equivalent).
• Experience identifying security risks, threats, and vulnerabilities of networks, systems, applications, and new technology initiatives, and recommending mitigation measures.
Desired Skills:
• Hands-on scripting experience in Python, JSON, and AWS boto3 for security automation.
• Familiarity with Policy-as-Code (PaC) frameworks and Infrastructure-as-Code tooling such as Terraform, Ansible, or AWS CloudFormation.
• Experience supporting Authorizations to Operate (ATOs) and contributing to ATO artifacts.
• Familiarity with multi-cloud architectures spanning AWS GovCloud, Azure Government, and Google Cloud Platform.
• Experience with SIEM platforms, endpoint protection, and integrity monitoring tooling.
• Knowledge of Common Vulnerabilities and Exposures (CVE), Common Weakness Enumeration (CWE), and Common Vulnerability Scoring System (CVSS).
Clearance and Location Requirements:
• Active U.S. Security Clearance is required.
• This hybrid role requires onsite work at a Department of Defense (DoD) facility.