Junior – Information Security Analyst (on-site w/ possibility of some hybrid)

Company Overview:

Work Where it Matters

Cloud Lake Technology, an Akima company, is not just another federal IT contractor. As an Alaska Native Corporation (ANC), our mission and purpose extend beyond our exciting federal projects as we support our shareholder communities in Alaska.

At Cloud Lake, the work you do every day makes a difference in the lives of our 15,000 Iñupiat shareholders, a group of Alaska natives from one of the most remote and harshest environments in the United States.

For our shareholders, Cloud Lake provides support and employment opportunities and contributes to the survival of a culture that has thrived above the Arctic Circle for more than 10,000 years.

For our government customers, Cloud Lake delivers highly specialized, data-centric services and technology solutions that break down organizational boundaries and transform mission delivery.

As a Cloud Lake employee, you will be surrounded by a challenging, yet supportive work environment that is committed to innovation and diversity, two of our most important values. You will also have access to our comprehensive benefits and competitive pay in addition to growth opportunities and excellent retirement options.

Description:

This team member will assist with developing security measures for the protection of data, systems, and networks. Investigate and respond to vulnerability and compliance issues. Assist with the development of SOPs to ensure good and sound IT practices during the building/testing/deployment/analysis of software packages in the environment

Work Location: This position is "on-site" at customer location in Ashburn, VA but has the possibility of being Hybrid.

To join our team of outstanding professionals, apply today!

Responsibilities:

• Supports the execution of the Risk Management Framework (All facets, especially Continuous Monitoring)
• Participates and assists with required Security Assessment & Authorization (SA&A) activities
• Assists with performing conformance testing to assess whether a system complies with defined specifications or standards (system and application baselines)
• Assists other team members with the test bed environment to test and verify hardware and support peripherals to ensure that they meet specifications and requirements by recording and analyzing test data
• Creates auditable evidence of security measures
• Assists with conducting and monitoring Independent Validation and Verification (IV&V) testing for software applications and systems
• Advises appropriate senior leadership or authorizing official of charges affecting the organization's information assurance posture
• Collects and maintains data needed to meet system information assurance reporting
• Coordinates with team members to help ensure that information assurance inspections, tests, and reviews are coordinated for the environment
• Performs operational security tasks as assigned to include incident handling and analysis and prepare appropriate reports to keep senior leadership informed
• Utilizes existing security tools in place to perform RMF continuous monitoring activities
• Ability to analyze port, protocol, and network traffic information to make intelligent decisions regarding the real-time information security posture of the organization
• Adheres to the information assurance requirements which are integrated into the continuity planning for that system and/or organization(s)
• Supports corporate business development by providing subject matter expertise in the development of proposals, white papers, and requests for information as needed

Qualifications:

• Exposure to Information Certification & Accreditation Regulations, Federal Information Security Management Act (FISMA), and National Institute of Standards and Technology (NIST) guidance
• Ability to Identify, collect, process, document, and report cyber security/incident response events
• Assisting senior team members and government leads with developing and implementing cyber security/incident response policies and procedures; engineering, testing, installing, patching, and upgrading various information security hardware and software applications
• Contingency plan creation, modification, and testing
• Exposure to Zero Trust Implementation and environment
• Experience with Tenable Nessus, Security Center, Tanium (not required, but nice to have)
• Experience with SPLUNK or other SEIM a plus
• Experience with ISVM, Security Patch/Patches, Vulnerabilities, Configuration (STIGs), and GPO/Group Policy
• Exposure to CISA KEV list and implementation deadlines
• Exposure to operations-based testing scenarios
• Ability to recommend improvements to internal processes to maximize customer service levels and improve overall security posture of the organization
• Excellent time management skills, with ability to juggle multiple priorities and complete tasks on time
• Strong analytical skills with the ability to analyze data sets to determine trends, establish strategies, and make decisions about real time threats as well as identification and elimination of false positives from operational reports
• Outstanding interpersonal and communication skills with the ability to effectively communicate across diverse audiences
• Self-starter, ability to work effectively both independently and as part of a team including the ability and desire to own every aspect of a task from start to finish

Desired Qualifications:

• Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or related degree (work experience in IT field, military operations, and/or certifications may be considered in lieu of education)
• Open to true entry level candidate but prefer 1-3 years’ experience with some education or 4-6 without
• Current CBP Background Investigation or Top Secret clearance adjudicated within the last 5 years (highly preferred)
• Relevant Certifications: ISC2 Certified in Cyber or CompTIA Security+
• Additional Certifications: Network+, MDA, Azure, and/or Intune are a plus
• Exposure to Cloud Endpoint Management (Microsoft Entra ID, Microsoft Intune, Adobe Cloud, Beyond Trust, etc.) – a plus
• Exposure to PowerShell, Power Automate, PowerBI or SQL to automate processes and provide reports - a plus

Regular - The company offers a comprehensive benefits program, including medical, dental, vision, life insurance, 401(k) and a range of other voluntary benefits. Paid Time Off (PTO) is offered to regular full-time and eligible part-time employees.

Job ID: 2025-15819

Work Type: Hybrid