Cybersecurity Analyst – ISSO Support Threat & SOC Monitoring

PeopleTec is currently seeking a Cybersecurity Analyst ISSO Support / Threat & SOC Monitoring to support our Camp Roberts (San Miguel California) location.

The Local Defender is a critical cybersecurity role that combines ISSO responsibilities with those of a traditional Security Operations Center (SOC) and a Threat Analyst. The position is pivotal in maintaining the cybersecurity posture of systems under its purview by supporting system authorization implementing cybersecurity policies and ensuring continuous monitoring in accordance with DoD Risk Management Framework (RMF). This individual will proactively manage compliance with cybersecurity directives respond to incidents and support the Government customer by implementing technical and procedural safeguards aligned with RMF controls. The preferred candidate is an experienced ISSO with in-depth knowledge of NIST 800-53 controls the RMF lifecycle and DoD cybersecurity policies (DoDI 8510.01 8500.01 AR 25-2). This role requires the ability to work independently support system owners and lead the documentation authorization and ongoing assessment of information systems.

Requires on-site work and availability as needed during incidents. May require CONUS and/or OCONUS travel to customer sites.

Benefits offered can be found here:Benefits compliance with Californias Equal Pay for Equal Work Act the salary range for this role is $108000 - $140000; however PeopleTec considers several factors when extending an offer including but not limited to the role and associated responsibilities a candidates work experience education/training and critical skills.

Required Skills/Experience:

• Serve as the ISSO in support of the ISO for assigned systems ensuring full compliance with RMF DoDI 8510.01 and NIST SP 800-53 security control baselines.
• Manage and maintain all RMF-related documentation including System Security Plans (SSPs) Security Assessment Reports (SARs) Risk Assessment Reports (RARs) and Plan of Action and Milestones (POA&Ms).
• Conduct security control assessments and facilitate ongoing authorization (ATO/ATC) activities.
• Work directly with system owners administrators and the Government cybersecurity team to ensure all security controls are properly implemented and documented.
• Coordinate and support all phases of the RMF lifecycle from categorization to continuous monitoring.
• Lead vulnerability and compliance assessments using automated tools (e.g. ACAS STIG Viewer) and ensure all findings are remediated or tracked via POA&Ms.
• Participate in Configuration Control Boards (CCBs) and validate that system changes do not negatively impact security controls or the authorization boundary.
• Track and report on system compliance metrics ensuring timely updates to APMS and eMASS and supporting audit readiness activities.
• Develop and deliver security awareness training user role validation and account recertification in accordance with policy.
• Act as liaison with Authorizing Officials (AOs) Control Assessors (CAs) and NETCOM to facilitate ATO packages and compliance reviews.
• Monitor and analyze security events from SIEM platforms firewalls IDS/IPS and EDR tools to detect threats and abnormal activity.
• Support incident response activities and coordinate with local defender to assess impact containment and recovery actions.
• Document all security incidents in alignment with incident handling procedures and provide after-action reports for leadership.
• Ensure that incident findings are mapped back to RMF controls and that system documentation is updated accordingly.
• Monitor Cyber Tasking Orders (CTOs) security bulletins CVEs and threat intelligence feeds for relevance to the operational environment.
• Analyze potential threat vectors and adversary TTPs using frameworks such as MITRE ATT&CK and translate findings into actionable security enhancements.
• Collaborate with stakeholders to recommend technical and policy-based countermeasures aligned with organizational risk tolerance and mission impact.
• Prepare detailed risk assessment reports compliance dashboards and security briefings for senior leadership and stakeholders.
• Submit timely updates and artifacts to eMASS and participate in regular cybersecurity status meetings.
• Provide clear data-driven recommendations for improving system security postures and addressing identified risks.
• Coordinate with mission owners and developers to implement security in system development lifecycles (SDLC).
• Maintain awareness and proper configuration of continuous monitoring tools including SIEMs vulnerability scanners and audit logging tools.
• Ensure tools and scripts used for compliance monitoring (e.g. RMF assessments ACAS scans) are operating effectively and producing accurate outputs.
• Collaborate with system administrators to remediate security findings and improve hardening based on STIGs and best practices.
• Minimum of 10 plus years of work related experience.
• Minimum 2 years of direct ISSO or cybersecurity compliance experience preferably within a DoD or Federal environment.
• DoD 8570 baseline certification.
• Strong working knowledge of RMF NIST SP 800-53 DoDI 8510.01 DoDI 8500.01 CNSSI 1253 and associated security control families.
• Familiarity with vulnerability management tools such as ACAS STIG Viewer and SCAP Compliance Checker.
• Familiarity with (DRAGOS Corelight Splunk Snort).
• Experience managing cybersecurity artifacts within eMASS or other compliance platforms.
• Understanding of NETCOM directives and cybersecurity service provider (CSSP) coordination.
• Travel: 20%
• Must be a U.S. Citizen
• An active DoD Secret clearance is required to perform this work. Candidates are required to have an active Secret clearance upon hire and the ability to maintain this level of clearance during their employment.

Education Requirements:

• Bachelors degree in Cybersecurity Computer Science Information Assurance or a related field (or equivalent experience).Minimum of 3 related certifications may be used in place of related academic field.

Physical Job Requirements:

• Work is performed with little or no direct supervision. Work may be performed both indoors and outdoors. May require travelling to less desirable locations. Work may require being able to lift carry or move items up to approximately forty pounds. Work may require climbing on military equipment.

Desired Skills:

• Experience supporting Authority to Operate (ATO) processes both initial and continuous monitoring.
• Strong analytical skills for evaluating control effectiveness incident impact and system vulnerabilities.
• Proficiency in security documentation audit preparation and stakeholder communication.
• Familiarity with scripting (e.g. PowerShell Python) for automating compliance checks or log analysis.
• Demonstrated ability to balance RMF compliance with operational mission support.
• Previous experience with Dragos OT Sensor Equipment Preferred.
• Certifications: CompTIA Security CISSP or equivalent DoD 8570 IAT Level II/III certification; CAP (Certified Authorization Professional); CISM; GSNA or RMF-focused GIAC certifications.

People First. Technology Always.

PeopleTec Inc. is an employee-owned small business founded in Huntsville AL that provides exceptional customer support by employing and retaining a highly skilled workforce.

Culture: The name PeopleTec was deliberately chosen to remind us of our core value system - our people. Our companys foundation was built on placing our employees and customers first. With an award-winning atmosphere we have matured into a company that boasts the best and brightest across multiple technical fields.

Career: At PeopleTec we value your long-term goals. Whether its through our continuing-education opportunities our robust training programs or our People First benefits package PeopleTec truly believes that our best investments are our people.

Come Experience It.

#cjpost #dpost

EEO Statement

PeopleTec Inc. is an Equal Employment Opportunity employer and provides reasonable accommodation for qualified individuals with disabilities and disabled veterans in its job application procedures. If you have any difficulty using our online system and you need an accommodation due to a disability you may use the following email address and/or phone number (256.319.3800) to contact us about your interest in employment with PeopleTec Inc.

All qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender identity national origin age genetic information citizenship ancestry marital status protected veteran status disability status or any other status protected by federal state or local law. PeopleTec Inc. participates in E-Verify.