Information Assurance; IA Analyst

As an Information Assurance (IA) Analyst, you will play a critical role in protecting an organization's data, systems, and networks by ensuring confidentiality, integrity, and availability (CIA triad). Our work depends on an IA Analyst joining our team to assess risks, enforce security policies, and maintain compliance with government and industry standards. You will be responsible for risk management, vulnerability assessments, compliance monitoring, security documentation, and incident response, supporting the organization’s mission to maintain a secure and resilient IT environment.

• Performs Assessment & Authorization (A&A) activities under the Risk Management Framework (RMF) to obtain and maintain Authorization to Operate (ATO) for systems.

• Conducts vulnerability assessments using tools such as Nessus, Nmap, or ACAS to identify and remediate security gaps.

• Integrates security solutions into developing information system environments, ensuring secure system architecture throughout the SDLC.

• Develops and technically executes remediation strategies and corrective courses of action for vulnerabilities identified during risk assessments or continuous monitoring.

• Collaborates with development and information security staff to provide technical artifacts, system diagrams, and engineering documentation required for Assessment and Authorization (A&A) activities

• Monitors compliance with standards such as NIST SP
  -53, CNSSI , and FISMA to ensure systems meet regulatory requirements.

• Maintains and updates System Security Plans (SSP) and Plan of Action and Milestones (POA&M) documentation.

• Participates in incident response activities to detect, report, and mitigate security incidents.

• Utilizes key security tools including eMASS, ACAS, Nessus, Nmap, Burpsuite, HBSS, Splunk, and Tanium.

• Bachelor’s degree in cybersecurity, computer engineering, or a related IT field.

• 3+ years of experience in IT security, particularly within DoW or government environments.

• DoD / IAT Level II or III certifications required (e.g., Security+, CISSP, CAP, CASP+).

• Active Secret or Top Secret (TS/SCI) clearance is required.

• Technical proficiency in securely deploying, hardening, and integrating commercial off-the-shelf (COTS) and Open-Source Software (OSS) tools.

• Hands‑on engineering experience with Amazon Web Services (AWS) Gov Cloud, including configuring cloud-native security services and secure network architectures.

• Deep technical understanding of data, application, and networking technologies. This includes encryption protocols, boundary defense, and identity management.

• Ability to engineer and implement technical solutions that satisfy National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) requirements.

• Proficiency with automated vulnerability scanning tools, secure configuration management, and technical risk mitigation.

• Hands‑on experience with Dev Sec Ops  methodologies, including securing CI/CD pipelines, Infrastructure as Code (IaC), and automated deployment models.

• Customer Site (Tampa, FL).

• US Citizenship