Information Security Analyst
Cryptic Vector, Miamisburg, OH, United States
Overview
At Cryptic Vector, we are dedicated to mission success. We take the time to understand our customers\' needs, delivering products that perform when our nation needs them most. We understand that properly supporting the most unique missions of the United States government requires the nation’s best. Our focus is on creating a culture where the best and brightest want to grow, learn, and stay. If producing out-of-the-box solutions is your specialty, then you’ll feel right at home at Cryptic Vector. We are solving the country’s most unique problems in an environment where problem solvers and hard workers thrive. We\'ve replaced corporate red tape with transparency and servant leadership. Honestly, it’s hard not to love this culture!
Information Security Analyst (Classified Systems)
The Information Security Analyst (Classified Systems) will support compliance, auditing, and documentation activities for classified information systems. In this role, you will serve as the Information System Security Officer (ISSO) for assigned systems, focusing on the full Risk Management Framework (RMF) lifecycle — including security control assessments, continuous monitoring, and system authorization (ATO) maintenance. You will work closely with system owners, engineers, and the Information System Security Manager (ISSM) to keep classified systems compliant and mission ready.
You will have the opportunity to play a meaningful role in protecting high-stakes classified environments by ensuring robust security posture, driving compliance excellence, and directly supporting critical national security missions.
Responsibilities
Act as ISSO for classified systems, supporting the RMF lifecycle, including:
Security control assessments
System authorization (ATO) maintenance
Continuous monitoring and reporting
Manage and maintain RMF documentation in eMASS or manually (based on customer requirements), including:
System Security Plans (SSP)
Security Control Traceability Matrices (SCTM)
Risk Assessment Reports (RAR)
Plans of Action & Milestones (POA&M)
Conduct and document vulnerability assessments using tools such as:
SCAP Compliance Checker
STIG Viewer
Perform audits and reviews to verify compliance with applicable security controls and standards, including:
NIST SP 800-53
JSIG/DISA guidance (as applicable)
DCSA requirements
Maintain asset inventory and configuration documentation for classified systems
Track findings and coordinate remediation with system owners, system admins, and ISSM
Support inspections, audits, and government assessments for classified systems
Stay current on RMF guidance, cybersecurity standards, and government training requirements (e.g., DCSA CBTs)
Requirements
2–5+ years of experience supporting classified information systems or RMF compliance activities
Active Top Secret Clearance with SCI eligibility. A Polygraph is not required to be eligible for this position. However, the applicant must be willing and eligible for submission, depending on program requirements, after an offer is accepted and must be able to maintain the applicable clearance/access.
DoD 8140-compliant or equivalent legacy 8570 certifications (e.g. Sec+, CISSP)
Hands-on experience with RMF documentation and compliance tools, such as eMASS, STIG Viewer, SCAP
Knowledge of NIST SP 800-53 controls, security control implementation, and auditing practices
Familiarity with classified environments and government security processes
Strong attention to detail and ability to manage compliance documentation accurately
Completion of applicable DCSA training for classified RMF and system authorization within 90 days of hire
Preferred Skills
Experience with hardening various OSs (Windows and Linux)
Prior experience performing ISSO or compliance responsibilities in a government or contractor environment
Experience with centralized logging systems (e.g. Graylog)
Experience with vulnerability scanners (Wazuh)
Understanding of JSIG/DCSA requirements
Benefits & Perks
As an Employee First company, we offer a comprehensive and competitive total rewards package:
100% Company-paid medical insurance for employees
100% Company-paid dental and vision insurance
Competitive salary and bonus
25% 401k company contribution
Generous PTO, parental leave, bereavement leave, and volunteer time
Flexible work hours
Tuition reimbursement, training allowance, internal mobility opportunities
Free beverages and snacks, Donut Fridays, monthly social events
This role requires use of technical data subject to U.S. Government contract restrictions; therefore, this posting is only for U.S. Citizens.
Cryptic Vector is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, pregnancy, age, national origin, disability status, genetic information, protected veteran status, or any other characteristic protected by law.
#J-18808-Ljbffr
At Cryptic Vector, we are dedicated to mission success. We take the time to understand our customers\' needs, delivering products that perform when our nation needs them most. We understand that properly supporting the most unique missions of the United States government requires the nation’s best. Our focus is on creating a culture where the best and brightest want to grow, learn, and stay. If producing out-of-the-box solutions is your specialty, then you’ll feel right at home at Cryptic Vector. We are solving the country’s most unique problems in an environment where problem solvers and hard workers thrive. We\'ve replaced corporate red tape with transparency and servant leadership. Honestly, it’s hard not to love this culture!
Information Security Analyst (Classified Systems)
The Information Security Analyst (Classified Systems) will support compliance, auditing, and documentation activities for classified information systems. In this role, you will serve as the Information System Security Officer (ISSO) for assigned systems, focusing on the full Risk Management Framework (RMF) lifecycle — including security control assessments, continuous monitoring, and system authorization (ATO) maintenance. You will work closely with system owners, engineers, and the Information System Security Manager (ISSM) to keep classified systems compliant and mission ready.
You will have the opportunity to play a meaningful role in protecting high-stakes classified environments by ensuring robust security posture, driving compliance excellence, and directly supporting critical national security missions.
Responsibilities
Act as ISSO for classified systems, supporting the RMF lifecycle, including:
Security control assessments
System authorization (ATO) maintenance
Continuous monitoring and reporting
Manage and maintain RMF documentation in eMASS or manually (based on customer requirements), including:
System Security Plans (SSP)
Security Control Traceability Matrices (SCTM)
Risk Assessment Reports (RAR)
Plans of Action & Milestones (POA&M)
Conduct and document vulnerability assessments using tools such as:
SCAP Compliance Checker
STIG Viewer
Perform audits and reviews to verify compliance with applicable security controls and standards, including:
NIST SP 800-53
JSIG/DISA guidance (as applicable)
DCSA requirements
Maintain asset inventory and configuration documentation for classified systems
Track findings and coordinate remediation with system owners, system admins, and ISSM
Support inspections, audits, and government assessments for classified systems
Stay current on RMF guidance, cybersecurity standards, and government training requirements (e.g., DCSA CBTs)
Requirements
2–5+ years of experience supporting classified information systems or RMF compliance activities
Active Top Secret Clearance with SCI eligibility. A Polygraph is not required to be eligible for this position. However, the applicant must be willing and eligible for submission, depending on program requirements, after an offer is accepted and must be able to maintain the applicable clearance/access.
DoD 8140-compliant or equivalent legacy 8570 certifications (e.g. Sec+, CISSP)
Hands-on experience with RMF documentation and compliance tools, such as eMASS, STIG Viewer, SCAP
Knowledge of NIST SP 800-53 controls, security control implementation, and auditing practices
Familiarity with classified environments and government security processes
Strong attention to detail and ability to manage compliance documentation accurately
Completion of applicable DCSA training for classified RMF and system authorization within 90 days of hire
Preferred Skills
Experience with hardening various OSs (Windows and Linux)
Prior experience performing ISSO or compliance responsibilities in a government or contractor environment
Experience with centralized logging systems (e.g. Graylog)
Experience with vulnerability scanners (Wazuh)
Understanding of JSIG/DCSA requirements
Benefits & Perks
As an Employee First company, we offer a comprehensive and competitive total rewards package:
100% Company-paid medical insurance for employees
100% Company-paid dental and vision insurance
Competitive salary and bonus
25% 401k company contribution
Generous PTO, parental leave, bereavement leave, and volunteer time
Flexible work hours
Tuition reimbursement, training allowance, internal mobility opportunities
Free beverages and snacks, Donut Fridays, monthly social events
This role requires use of technical data subject to U.S. Government contract restrictions; therefore, this posting is only for U.S. Citizens.
Cryptic Vector is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, pregnancy, age, national origin, disability status, genetic information, protected veteran status, or any other characteristic protected by law.
#J-18808-Ljbffr