Senior Cybersecurity Analyst; ISSM - Hybrid

Job Title:

Senior Cybersecurity Analyst (Information System Security Manager - ISSM)

Location:

San Antonio, TX or Montgomery, AL
Clearance:
Secret (Required)

Employment Type:

Full-Time

OTS is seeking a Senior Cybersecurity Analyst (Information System Security Manager - ISSM) to oversee Risk Management Framework (RMF) accreditation, Federal Information Security Modernization Act (FISMA) compliance, and security control implementation. This role requires hands‑on experience with cybersecurity automation tools and compliance enforcement across Cloud One programs. The hybrid role allows flexibility to work remotely but requires on‑site presence at any approved SIPR facility as needed.

• Security Documentation:
  Responsible for the creation, maintenance, and management of all cybersecurity documentation, ensuring accuracy, completeness, and compliance with Department of Defense (DoD) and federal standards.
• Code Scans:
  Accountable for the completion and accuracy of static and dynamic code scans using tools such as Checkmarx and Sonar Qube, ensuring all findings are addressed and documented.
• Open-Source Library Scans:
  Accountable for conducting and reporting on open‑source software library scans using tools like Dependency‑Track, ensuring all vulnerabilities are tracked and mitigated.
• Cybersecurity and Authorization to Operate (ATO):
  Responsible and accountable for all aspects of cybersecurity posture and the successful completion of the ATO process, ensuring systems meet all compliance requirements for operation.
• Assured Compliance Assessment Solution (ACAS) Scans:
  Responsible and accountable for scheduling, conducting, and reporting on ACAS vulnerability scans, and for the timely remediation of findings.
• C5
  
  ISR Interrogator Reporter:
  Responsible and accountable for managing and reporting through the Command, Control, Communications, Computers, Combat Systems, Intelligence, Surveillance, and Reconnaissance (C5
  
  ISR) Interrogator system, ensuring accurate and timely submission of required cybersecurity data.
• Enterprise Mission Assurance Support Service (eMASS) and Plan of Action and Milestones (POA&M):
  Responsible and accountable for maintaining all eMASS records, including the creation and management of POA&M items to track and resolve security weaknesses.
• STIG Checks:
  Perform Security Technical Implementation Guide (STIG) checks and collaborate on security control mitigations.
• JIRA Workflow Support:
  Provide JIRA workflow support, reviewing tickets and ensuring Information Assurance (IA) requirements are met.
• Continuous Monitoring:
  Support continuous cybersecurity monitoring and vulnerability tracking for mission applications.

• Bachelor's degree in Cybersecurity, Information Technology (IT), or a related field OR equivalent experience.
• Information Assurance Manager (IAM) Level III Certification (Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), GIAC Security Leadership Certification (GSLC), or equivalent).
• 15+ years of experience in DoD cybersecurity operations.
• Proficiency with Sonar Qube, Dependency-Track, ACAS, and STIG compliance.
• Experience with eMASS, RMF, and cybersecurity compliance in DoD or federal agencies.

Office environment. Requires ability to provide clear, concise, accurate and timely communication, both verbally and in writing (100%). Requires ability to interact professionally with co‑workers, management, and client (100%). Occasional business travel may be required. Only requested and approved expenses will be covered by OTS.

OTS is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action-Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or protected veteran status. U.S. Citizenship is required for most positions.