Systems Security Analyst

ADG Tech Consulting, LLC.
Vienna, United States of America
25 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
$ 110K

Job location

Vienna, United States of America

Tech stack

Microsoft Excel
JIRA
Decision Support Systems
Software Vulnerability Management
Information Security Management System
Cloud Platform System
Generative AI
Nessus
CIS Benchmarks
Devsecops
ServiceNow

Job description

  • Serve as the security technical SME, collaborating with the delivery team project manager and leading a security team of approximately five members
  • Act as the security technical SME in interactions with government project customers, ISSOs, and ISMs
  • Define, implement, and manage security team processes and procedures, ensuring team understanding and compliance
  • Oversee technical aspects of handling identified security weaknesses and POA&Ms from intake through remediation
  • Support the development team in executing and enhancing the DevSecOps process, aligning with the customer's "security to the left" requirement

Requirements

Do you have experience in Vulnerability management?, * Extensive knowledge of federal cybersecurity governance, risk management, and continuous monitoring processes, including RMF, NIST SP 800-53, NIST CSF, A&A/C&A, POA&M management, and control validation

  • Proficient in interpreting and applying security hardening standards and compliance baselines (DISA STIGs, CIS Benchmarks, CVEs), and assessing technical findings against organizational security requirements
  • Skilled in vulnerability management workflows, including Tenable/Nessus scan analysis, validation of findings, identification of false positives, and translating vulnerabilities into remediation or POA&M actions
  • Experienced in weakness and POA&M remediation through review of SSPs, assessment results, scans, remediation artifacts, and risk analysis in accordance with NIST and federal standards
  • Capable of updating and maintaining SSP documentation for enterprise and cloud environments, including control tailoring, inheritance documentation, and alignment with RMF, FedRAMP, and federal requirements
  • Proficient in managing vulnerability and POA&M workflows across CSAM/GRC, WTT/ServiceNow, Jira, and Excel, ensuring data alignment, traceability, and closure readiness
  • Able to participate in security audits and assessments, interpret findings, and coordinate remediation and evidence collection for compliance and operational requirements
  • Strong documentation skills, translating complex workflows into clear process diagrams, SOPs, and management-ready summaries for cross-functional teams
  • Experienced in leveraging Generative AI tools to enhance cybersecurity workflows, research, documentation, and decision support, with careful attention to information sensitivity and validation
  • Active CISSP certification desired, but not required

Apply for this position