CSSP Analyst

Koniag Data Solutions, LLC a Koniag Government Services company, is seeking a CSSP Analyst with a Top-Secret security clearance to support KDS and our government customer in Las Vegas, NV.

We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.

• Manage and execute vulnerability management reporting processes for NNSA Subscriber Sites
• Track, draft, and update CSSP policies and procedures in alignment with DoD and federal requirements
• Interface with subscriber sites to provide assistance and ensure operational compliance with established policies
• Support the application of Enterprise Security Management (ESM) through programmatic reviews
• Collaborate with the Information Assurance Response Center (IARC) NOC/SOC for technical implementation of boundary monitoring and incident response
• Work with hardening guidance and standards for DoD in application to CSSP and Subscriber Sites
• Track and maintain annual documentation reviews to ensure compliance and currency
• Develop ESM metrics in Enterprise Archer for CSSP to align with annual reviews
• Support CCRI Auditors for local assessments and provide assistance during auditing activities
• Develop Monthly Site Report (MSR) integration processes, documentation, and train personnel on these processes
• Conduct port, credential scanning, and monthly vulnerability reporting using Tenable Security Center for NNSA Subscriber Sites
• Create and maintain master POC lists for NNSA Subscriber Sites
• Process and manage network diagrams and site portfolios
• Produce monthly hardware and software asset lists as identified by centralized scanning devices
• Conduct annual CSSP hardware and software inventories
• Provide computer security support for an Enterprise network environment
• Develop improvements for TSC scanning, reports, and processes for exception tracking, POC lists, and portfolios
• Develop PKI Policy for CSSP and NNSA Enterprise based on NIST SP 800-32, CNSS-015-2016 Guidance, and DoD NSS PKI Best Practices
• Establish rapport with enterprise site personnel for troubleshooting issues, site notices, document updates, and policy requirements
• Serve as a derivative classifier for classification review following established guidelines
• Work with Enterprise ISSMs to inform changes to ISAs and other enterprise documentation
• Collaborate with Enterprise ISSE Team to support Tenable Security Center and Cyber Tool Access
• Maintain account access to Tenable, including processing forms, confirming training, managing access, and troubleshooting issues

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field
• Minimum of 5+ years of experience in cybersecurity or information security
• Experience with vulnerability management tools and processes, particularly Tenable Security Center
• Experience with cybersecurity policy development and implementation
• Experience with cybersecurity documentation and compliance management
• Experience working with federal agencies, particularly DOE, NNSA, or Department of Defense

• Strong knowledge of cybersecurity principles, practices, and technologies
• Proficiency with vulnerability scanning tools, particularly Tenable Security Center
• Experience with vulnerability management processes and remediation strategies
• Knowledge of NIST frameworks, particularly the Risk Management Framework (RMF)
• Understanding of DoD security requirements and hardening standards
• Strong analytical and problem‑solving skills
• Excellent documentation skills and attention to detail
• Ability to develop and maintain technical documentation
• Experience with asset management and inventory processes
• Ability to develop and deliver technical training
• Excellent communication skills with the ability to build rapport with site personnel
• Knowledge of PKI implementation and management
• Ability to obtain and maintain required security clearance
• Experience with derivative classification and handling of sensitive information
• Familiarity with Enterprise Security Management (ESM) concepts
• Ability to work independently and as part of a team

• Top Secret security clearance/Q

• Master's degree in Cybersecurity, Information Technology, or related field
• Certifications such as CISSP, Security+, CEH, GIAC certifications, or equivalent
• Experience specifically with DOE NNSA cybersecurity requirements
• Experience with Enterprise Archer or similar GRC platforms
• Experience with Command Cyber Readiness Inspections (CCRI)
• Experience developing SOPs and technical documentation
• Knowledge of Information Assurance Response Center (IARC) operations
• Experience with network diagram analysis and documentation
• Prior experience as a derivative classifier
• Familiarity with NNSA classification guides and CUI marking requirements
• Experience with enterprise-wide vulnerability…