Information Security Analyst
Role summary
Creative Visions is seeking a mid-level Cybersecurity Analyst to support federal cybersecurity assessment, authorization, and continuous monitoring. This role involves hands-on security control assessments, vulnerability analysis, and supporting system authorization efforts in compliance with federal standards like FISMA and NIST. The analyst will work with senior staff and government stakeholders to evaluate system security, identify risks, and ensure compliance. Key responsibilities include performing SCAs, conducting control testing, managing vulnerabilities, supporting SSPs, SARs, and POA&Ms, analyzing configurations, and assisting with incident response.
Position Overview
Creative Visions is seeking a Cybersecurity Analyst (Mid-Level) to support federal cybersecurity assessment, authorization, and continuous monitoring activities. This role is responsible for performing hands-on security control assessments, vulnerability analysis, and supporting system authorization efforts in alignment with federal cybersecurity standards.
The Cybersecurity Analyst will work closely with senior staff and government stakeholders to evaluate system security posture, identify risks, and ensure compliance with FISMA and NIST requirements.
Key Responsibilities
- Perform Security Control Assessments (SCA) in accordance with NIST SP 800-53 and federal guidelines
- Conduct security control testing, including technical validation and documentation of results
- Perform vulnerability analysis and management, including identification, tracking, and remediation support
- Support system authorization activities, including development and updates to:
- System Security Plans (SSPs)
- Security Assessment Reports (SARs)
- Plan of Action and Milestones (POA&Ms)
- Analyze system configurations, security tools, and control implementations to identify gaps and risks
- Support incident response activities, including analysis of security events and coordination with stakeholders
- Engage with system owners and stakeholders to gather required inputs and validate security posture
- Ensure all deliverables are accurate, complete, and audit-ready
- Contribute to continuous monitoring activities and reporting
Required Qualifications
- 5–8 years of progressively responsible experience in information security, cyber risk management, or IT security operations
- At least 3 years of hands-on experience in one or more of the following:
- System security analysis
- Vulnerability management
- Incident response
- Within a Federal Information Systems Security environment or comparable enterprise environment
- Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related field
- CompTIA Security+ CE (or equivalent) – REQUIRED
Preferred Qualifications
- One or more of the following certifications:
- CISSP, CISM, CEH, or CAP
- Experience with:
- Federal security frameworks (FISMA, NIST RMF)
- Continuous monitoring programs
- Vulnerability scanning tools (e.g., Nessus, Tenable)
- SIEM tools and incident analysis
- Experience supporting federal ATO processes or authorization packages
Key Skills
- Strong analytical and problem-solving skills
- Ability to independently execute technical security assessments
- Clear and effective technical writing skills
- Ability to manage multiple tasks in a fast-paced environment
- Strong communication and stakeholder engagement skills
Similar roles
Information Security AnalystInnova Solutions · Chandler, Arizona, United States · Onsite
Information Security AnalystAviat Networks · Austin, Texas, United States · Onsite- Information Security AnalystFCT · Georgia, Georgia, United States · Remote
Information Security AnalystSystem High Corporation · Huntsville, Alabama, United States · Onsite
Information Security AnalystCryptic Vector · Miamisburg, Ohio, United States · Onsite
