Sign Up Sign Up Log In Sign Up
This job has expired and you can't apply for it anymore. Start a new search.

IT Security Analyst

Company Overview

For 30 years, clients in the private and public sectors have relied upon SOS International LLC (SOSi) for critical operations in the world’s most challenging environments. SOSi is privately held, was founded by its current ownership in 1989, maintains corporate headquarters in Reston, VA, and specializes in providing logistics, construction, training, intelligence, and information technology solutions to the defense, diplomatic, intelligence and law enforcement communities.

All interested individuals will receive consideration and will not be discriminated against on the basis of race, color, religion, sex, national origin, disability, age, sexual orientation, gender identity, genetic information, or protected veteran status. SOSi takes affirmative action in support of its policy to advance diversity and inclusion of individuals who are minorities, women, protected veterans, and individuals with disabilities.

5-190301-8635: IT Security Analyst
LocationU.S. - Arizona - Fort Huachuca
Open Date3/1/2019

STG, a wholly owned subsidiary of SOS International LLC (SOSi), has an immediate opportunity as an IT Security Analyst located at Ft. Huachuca, AZ! This position will support the RCC-C, which provides cutting-edge technology to in an enterprise environment


  • Responsible for the day to day operations of conducting routine IA Audits on all Information Systems (IS) to ensure the appropriate IA security controls have been applied and maintained
  • Coordinate directly with cross functional teams and management to resolve all compliance issues
  • Evaluate IS for compliance in accordance with RMF 800-53 Controls and Special Directives
  • Record and/or prepare artifacts associated with the audit to ensure a repository for all system RMF documentation is kept current
  • Provide C&A support in the development of security and contingency plans by conducting risk and vulnerability assessments
  • Use the 800 Series NIST Special Publications as reference for C&A, system security plans, risk assessment, and other security requirements
  • Perform security focused reviews and analysis of network topologies and devices configurations for use of restricted ports and protocols; implementation of sound security concepts and design; DISA Security Technical Implementation Guides (STIGs) compliant network configuration of Cisco, Brocade, Juniper, and Bluecoat devices
  • Use automated security scanning tools (SCAP, ACAS, BNA, etc.) to identify potential vulnerabilities
  • Analyze and report findings to technical teams and leadership for appropriate tracking and mitigation
  • Research RFIs from technical teams regarding DISA STIG checklists, regulations and/or BBPs
  • Explain requirements to systems administrators in detail to ensure proper understanding and clarity
  • Review proposed courses of action from technical teams and recommend the most secure option while balancing operations and/or mission requirements
  • Assist in the identification, tracking and remediation of security risks discovered on information systems
  • Prepare and deliver detailed written reports and oral presentations to the Security Manger, Information Assurance Manager and other senior leaders or staff within the RCC-C
  • Coordinate with both internal and external entities to improve established processes and procedures; ensuring efficient execution of all analysis, tracking, mitigation and reporting requirements
  • Create, edit, and review organization and team level documentation for clarity and accuracy and assist with development of security related TTPs, SOPs, processes, plans, or diagrams
  • Participate in 24x7 on-call support rotation with other team members
  • Support and/or lead special projects as required
  • Complete other duties as assigned by management

  • HS + 4 years of IT/Cyber experience or AA/AS +2 or BA/BS
  • To include up to 2 years experience IA/IT experience
  • IAT II (Security+CE, SSCP or equivalent) certification required
  • DISA ACAS certification within 180 days of hire
  • Secret clearance or ability to obtain interim


  • Possess exceptional communication and interpersonal skills
  • Knowledge of eMASS
  • Knowledge of network specific DISA Security Technical Implementation Guides and checklists
  • Experience performing IA audits within a DoD organization
  • Experience with Risk Management Framework (RMF)


  • Work environment is a normal office setting

Send me email alerts for similar jobs