Cybersecurity and Information Assurance Analyst (On-Site)

Position Description: The Cybersecurity and Information Assurance (IA) Analyst provides enterprise-level cybersecurity and information assurance support for Joint Pathology Center (JPC) information systems., * Above average experience supporting cybersecurity operations including monitoring networks, systems, and applications for security events and vulnerabilities

• Above average experience supporting Risk Management Framework (RMF) activities (e.g., System Security Plans, POA&Ms, Security Assessment Reports, authorization packages)
• Above average experience supporting assessments and Authorization to Operate (ATO) activities
• Experience supporting patching, configuration changes, and compensating controls
• Experience coordinating with system administrators, application developers, and database administrators to ensure timely mitigation of vulnerabilities
• Experience implementing, validating, and maintaining technical, administrative, and operational security controls in accordance with applicable DoD standards
• Experience with Security Technical Implementation Guides (STIGs)
• Experience developing and maintaining cybersecurity and IA documentation
• Experience supporting a federal agency

General Physical Requirements needed to perform the essential functions of this job may vary based on the location of the assignment.

• Assignment Location - Joint Pathology Center, 606 Stephen Sitter Ave, Silver Spring, MD 20910
• Sedentary Work - Exerting up to 10 pounds of force occasionally and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects.
• Typing, communicating, repetitive motions.
• Close visual acuity to prepare and analyze data, view computer monitors and read. May need to view presentation screens and other visual aids in a virtual setting.
• Inside environmental conditions with protection from outside elements.

Security: Active DoD Secret Clearance; Ability to obtain DoD Top Secret Clearance as needed

• U.S. Citizenship

DoD Clearance Consists of a review of up to but not limited to:

• Covers 10 year period and in some instances lifetime events
• OPM Security Investigations Index (SII)
• DOD Defense Central Investigations Index (DCII)
• National Agency Check (NAC) records
• FBI name check
• FBI fingerprint check
• Credit report check
• A check of local law enforcement agencies with jurisdiction over the areas where the applicant has lived, worked, or attended school
• Education check- Attendance and Degrees
• Employment verification -may include interviews of supervisors and/or co-workers
• Corroboration of unemployment
• May include reference interviews
• May include interviews of the individual, former spouse (s)
• Confirmation of all residences
• Verification of public record information

Acceptable Credentials

Tasks/activities include, but are not limited to:

• Monitors JPC networks, systems, and applications for security events, vulnerabilities, and anomalous activities
• Analyzes security alerts, logs, and audits data to identify potential threats and incidents
• Coordinates incident response activities, including investigation, containment, mitigation, and recovery actions
• Supports continuous monitoring activities in accordance with DoD cybersecurity requirements
• Assists with the development, review, and maintenance of RMF artifacts
• Tracks and remediates security findings to support system ATO
• Tracks, analyzes, and manages Information Assurance Vulnerability Alerts (IAVAs), Information Assurance Vulnerability Bulletins (IAVBs), and Information Assurance Vulnerability Management (IAVM) actions
• Supports the application of STIGs for operating systems, applications, databases, and network devices
• Performs configuration assessments and compliance checks using approved security tools and methodologies
• Assists in cybersecurity incident response activities, including detection, analysis, reporting, and recovery
• Supports root cause analysis and documentation of cybersecurity incidents
• Coordinates with government stakeholders and external organizations as required during incident response activities
• Develops and maintains cybersecurity and IA documentation, including policies, procedures, and system security documentation
• Provides regular cybersecurity status reports, risk assessments, and compliance updates to the Contracting Officer (COR) and designated stakeholders
• Maintains accurate records of vulnerabilities, incidents, and remediation actions
• Serves as cybersecurity advisors to JPC leadership and technical teams
• Provides guidance on cybersecurity best practices, secure system design, and risk mitigation strategies
• Coordinates cybersecurity activities with system administrators, application developers, and other IT support personnel

Do you have experience in Vulnerability management?, Do you have a Bachelor's degree?, Minimum/General Experience: 10 years of cybersecurity and information assurance experience

Minimum Education: Bachelors Degree in information technology, computer science, cybersecurity, engineering, or related field; Active certification meeting Cyber IT/Cybersecurity Workforce (CSWF)/Information Assurance Technician (IAT) Level II requirements (e.g., Security+ CE, CySA+, CND, GSEC, GICSP, SSCP)

Pulled from the full job description

• Prescription drug insurance
• Health insurance
• Vision insurance
• Dental insurance
• Life insurance
• Disability insurance, CompensationBenefits: The annual projected pay range for this position is $120,411 - $143,783 with consideration being given to various factors including but not limited to qualifications, experience, job responsibilities, and geographic location.

Oxley Enterprises, Inc. offers a full array of benefits including:

• Medical, dental, vision and prescription drug coverage for you and your family.
• Life Insurance, short-term disability and long-term disability paid for by the Company.
• Supplemental coverages including Accident, Critical Illness, and Hospital.
• Additional Life insurance coverage for you and your dependents.
• 401k plan with various options to select based on your retirement goals.

Oxley Enterprises, Inc. is a certified service-disabled veteran-owned (SDVOSB), veteran-owned (VOSB), and woman-owned small business (WOSB) that has 26 years of experience building and delivering quality IT systems and programs. Oxley is ranked in the INC 5000 7 times (2016, 2017, 2018, 2021, 2023, 2024, 2025). Oxley is a 2019 - 2025 Department of Labor HIRE Vets Medallion Award Winner. Oxley is Virginia Values Veterans certified.