STIG Compliance Analyst

We are seeking a highly skilled and innovative STIG Compliance Analyst to join our team in the greater DMV area supporting the Army National Guard.

Responsibilities

• Review system configurations and validate security settings to enforce DISA STIG/SRG hardening across servers workstations applications and network devices.
• Conduct STIG assessments using approved tools (STIG Viewer ACAS) identify noncompliant configurations and record findings per DoD/Army/RMF requirements.
• Apply configuration updates and hardening measures coordinate remediation with system administrators and validate postremediation compliance.
• Maintain authoritative STIG checklists version control change logs and configuration baselines to support auditability.
• Upload compliance artifacts evidence and updated checklists into eMASS and enterprise tracking tools; support POA&M creation and tracking.
• Produce routine compliance reports vulnerability summaries and dashboards to support CCRI readiness and continuous monitoring.
• Perform configuration audits across dev/test/staging/production environments and verify adherence to RMF control requirements.
• Collaborate with ISSOs cybersecurity teams engineers and system owners to interpret STIG guidance and resolve recurring compliance issues.
• Contribute to process improvement by refining hardening procedures documentation and automated validation workflows.

#ENOCS

Qualifications

• 2 years with BS/BA; 0 years with MS/MA; 6 years with no degree

• Clearance: Active TS/SCI clearance.

• Candidate must meet ONE of the following:

  • Bachelors degree in Information Technology Cybersecurity Computer Science or a related field; OR
  • Relevant professional certification or equivalent experience (examples: CGRC (CAP); CySA; CompTIA CASP); OR
  • Relevant DoD/military training (examples: DISA ACAS / STIG Viewer training).

• Required experience and skills:

  • Handson STIG compliance system hardening or cybersecurity operations experience.
  • Practical experience using DISA STIG Viewer ACAS/Nessus scanning and eMASS or equivalent RMF evidence/workflow tools.
  • Strong ability to apply STIG/SRG configurations document findings validate remediation and maintain configuration baselines.
  • Proficiency producing compliance reports dashboards and evidence packages to support inspections and accreditation.
  • Good collaboration and communication skills to work with system owners ISSOs and engineering teams.

• Desired:

  • Prior DoD/ARNG STIG/CCRI support experience and familiarity with multidomain (NIPR/SIPR) compliance constraints.
  • Experience automating STIG validation configuration enforcement (e.g. via DSC/Ansible) and integrating checks into CI/CD pipelines.

#ENOCS

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the worlds leading mission capability integrator and transformative enterprise IT provider we deliver trusted highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land sea space air and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day our employees do the cant be done by solving the most daunting challenges facing our customers. Visit to learn how were keeping people around the world safe and secure.