Jobs · Information Technology · California

Cyber Security Analyst/ISSO

Areté · Northridge, California, United States · 1 mo ago
Information Technology$80k–$90k/yrFull-time

About the role

Areté is seeking a full-time Cyber Security Analyst/Information Systems Security Officer to join our Northridge, CA facility. The ideal candidate will have and maintain a Top-Secret security clearance with SCI access, including a CI polygraph.

Primary Responsibilities

  • Perform duties as ISSO in accordance with JSIG, RMF, and NIST 800-53.
  • Develop, maintain, and update security authorization documentation including System Security Plans (SSPs), Plan of Actions and Milestones (POA&M), SCTMs, ConMon Reports, and audit logs.
  • Conduct security control implementation, validation, and assessment activities.
  • Perform and document system audits and risk analysis.
  • Manage and execute Continuous Monitoring (ConMon) tasks to ensure compliance throughout the system lifecycle.
  • Support configuration management (CM) processes with a minimum of 1-2 years direct CM experience, including review and documentation of system changes, baseline management, and change control.
  • Provide incident response support, including investigation, reporting, and remediation of security events.
  • Support preparation for internal and external inspections and assessments.
  • Support ISSM with other duties as assigned.

Qualifications

  • Active Top Secret security clearance with ability to obtain a CI polygraph.
  • 1-2 years of experience performing ISSO or equivalent cybersecurity duties for classified systems.
  • Demonstrated experience with JSIG, RMF, and NIST 800-53 security controls.
  • Hands-on experience in security auditing, continuous monitoring, and documentation of control implementation.
  • Current IAT Level II Security Certification or higher (Security+, CASP, CySA+, CISSP, GSEC).
  • Solid technical knowledge on how Windows and Server operating systems are hardened.
  • Experience with common information system Cyber Security tools, technologies, and STIGs (Nessus/ACAS, SCAP Compliance Checker, STIG Viewer, Microsoft Group Policy, etc.).
  • Strong interpersonal skills, technical writing skills, and the ability to work autonomously and on a team.
  • Strong written communication skills and the ability to document/diagram information systems and procedures.
  • Must be able to lift 25 pounds.

Benefits

  • Health & Wellness
  • Life and Long-Term Disability (LTD)
  • Vision Reimbursement
  • Fitness Reimbursement
  • Financial
  • Company-funded 5% contribution to your 401(k) retirement plan
  • Company-funded 5% contribution to your Employee Stock Ownership Plan
  • Continuing Education Assistance
  • Work-Life Balance
  • Flexible Scheduling
  • Paid Time Off (PTO)
  • Paid Parental and Bereavement Leave

What We Value

  • Creativity and innovation in solving challenges
  • Integrity and responsibility in all actions
  • Collaboration across teams and specialties
  • Responsiveness in fast-paced environments
  • Passion for national security and excellence

Experiences and Background We Look For

  • Active Top Secret security clearance with ability to obtain a CI polygraph.
  • 1-2 years of experience performing ISSO or equivalent cybersecurity duties for classified systems.
  • Demonstrated experience with JSIG, RMF, and NIST 800-53 security controls.
  • Hands-on experience in security auditing, continuous monitoring, and documentation of control implementation.
  • Current IAT Level II Security Certification or higher (Security+, CASP, CySA+, CISSP, GSEC).
  • Solid technical knowledge on how Windows and Server operating systems are hardened.
  • Experience with common information system Cyber Security tools, technologies, and STIGs (Nessus/ACAS, SCAP Compliance Checker, STIG Viewer, Microsoft Group Policy, etc.).
  • Strong interpersonal skills, technical writing skills, and the ability to work autonomously and on a team.
  • Strong written communication skills and the ability to document/diagram information systems and procedures.
  • Must be able to lift 25 pounds.

Nice to Have

  • Knowledge of the Risk Management Framework is a plus.
  • Experience with Security Directives, Policies, Publications and Regulations including but not limited to the NIST 800-171, NIST 800-53, JSIG and/or ICD 503.
  • Experience in one or more of the following Cybersecurity tools/technologies: SIEM or Log Reduction & Analysis Tools, McAfee ePO, SCC Tool, Bitlocker, Rapid7 IDR, InsightVM.
  • Technical knowledge on how Linux (RHEL 8/9) systems are configured, hardened, and managed.

Similar jobs

Cybersecurity Manager/ISSO

General Dynamics Information TechnologyAndrews AFB, MD· 2 wk ago
Information Technology$124k–$166k/yrapply on gdit.wd5.myworkdayjobs.com