View all jobs
Information Security Analyst (Mid-Level / Journeyman)
Arlington, VA · Information TechnologyInformation Security Analyst (Mid-Level / Journeyman)
Position Title: Information Security Analyst (Mid-Level / Journeyman)
Position Type: Full Time Employee
Location: Arlington, VA (within 50 miles of ARNG Readiness Center, TARC)
Clearance Requirement: Top Secret (TS/SCI Preferred)
Salary Range: $138,000 – $155,000
Start Date: Contingent upon contract award
The ideal candidate has hands-on experience in vulnerability assessment, penetration testing, and defensive cyber operations within DoD or federal environments. This position plays a critical role in identifying and mitigating threats to the ARNG's DoDIN-A(NG) network spanning 2,800 locations nationwide.
Position Title: Information Security Analyst (Mid-Level / Journeyman)
Position Type: Full Time Employee
Location: Arlington, VA (within 50 miles of ARNG Readiness Center, TARC)
Clearance Requirement: Top Secret (TS/SCI Preferred)
Salary Range: $138,000 – $155,000
Start Date: Contingent upon contract award
Position Overview
Emerald Technical Solutions is seeking a mid-level (Journeyman) Information Security Analyst to support the Army National Guard (ARNG) ENOCS Task Order. This role supports SOC operations, vulnerability assessments, penetration testing, and the Computer Defense Assessment Program (CDAP) in direct support of the ARNG Regional Cyber Center (RCC-ARNG).The ideal candidate has hands-on experience in vulnerability assessment, penetration testing, and defensive cyber operations within DoD or federal environments. This position plays a critical role in identifying and mitigating threats to the ARNG's DoDIN-A(NG) network spanning 2,800 locations nationwide.
Key Responsibilities
SOC Operations & Monitoring
- Monitor enterprise systems for anomalous events using security monitoring platforms, SIEM, and endpoint tools
- Create, update, and escalate incident cases and tickets through the SOC ticketing and incident tracking systems
- Apply antivirus, intrusion detection, and vulnerability assessment tools and maintain signature policies
- Analyze ISS reports and coordinate reporting of ISS-related incidents
- Respond to and validate IDS/IPS alerts; tune SIEM events to minimize false positives
- Conduct comprehensive vulnerability assessments of ARNG sites, enclaves, and systems
- Execute CDAP penetration testing missions including Network Assistance Visits (NAVs) and Persistent Penetration Testing (PPT)
- Perform web vulnerability assessments, phishing campaigns, and network penetration testing using approved CDAP tools
- Analyze vulnerability scan results using ACAS and document findings with remediation recommendations
- Implement STIGs within 30 days of new DISA STIG releases and maintain secure baseline configurations
- Support CMMC controls assessments and maintain compliance documentation in eMASS
- Develop and maintain POA&Ms for non-compliant controls and track remediation to closure
- Ensure all systems meet DISA STIG, IAVM, and FISMA compliance requirements
- Assist in preparation of cybersecurity test results, compliance reports, and vulnerability scan analyses
- Support DoD RMF lifecycle activities including Assessment & Authorization (A&A) and re-authorization
- Support ARNG CHAP activities including CORA preparatory meetings, deep dives, and state assessments
- Build ACAS and AESS scorecards and incorporate results into weekly briefings
- Provide guidance to ARNG states on CORA requirements and cybersecurity best practices
- Participate as an active member of Cyber Hygiene Assessment Teams (CHAT) and Site Assistance Visit (SAV) teams
Required Qualifications
- Active Top Secret security clearance
- Bachelor's degree in Cybersecurity, Computer Science, or related field (or equivalent experience)
- 4–8 years of experience in information security, vulnerability assessment, or penetration testing
- Security+ (DoD 8570/8140 IAT Level II minimum)
- Demonstrated experience with vulnerability scanning tools (ACAS/Nessus or equivalent)
- Working knowledge of DISA STIGs, RMF, IAVM compliance, and eMASS
- Experience conducting penetration testing or red team/blue team operations
- Familiarity with SIEM platforms and IDS/IPS technologies
Preferred Qualifications
- CISSP, CySA+, CEH, OSCP, or equivalent advanced security certifications
- Experience with CDAP methodology, CORA assessments, or Army CHAP program
- CMMC Certified Assessor (CCA) or CMMC Certified Professional (CCP)
- Experience supporting Army National Guard, NETCOM, or ARCYBER environments
- Familiarity with AESS, ACAS, and DoDIN-A(NG) network architecture
- TS/SCI clearance
Benefits
- Competitive compensation package and comprehensive benefits
- Certification support and professional development funding
- Mission-critical work supporting the Army National Guard enterprise
- Growth opportunities within an expanding DoD cybersecurity program