Cyber Security Analyst​/ISSO Security Clearance

Position: Cyber Security Analyst/ISSO with Security Clearance
At Areté, we are on the forefront of utilizing innovative solutions, with great minds from all backgrounds, to help solve the nation's most complex security challenges. We strive for an inclusive, collaborative team environment that approaches differences as opportunities for innovation and excellence. As an employee-owned company, we foster an atmosphere that propels diverse career opportunities and professional growth. Discover your future with us.

Areté is immediately seeking a full-time Cyber Security Analyst/Information Systems Security Officer to work with our corporate cyber team in either Tucson, Arizona or Niwot, Colorado. The selected candidate will have a minimum Secret clearance with that ability to obtain a Top Secret security clearance with SCI access, including a CI polygraph. The candidate will collaborate with other Cyber Security and IT staff members, travel occasionally, and provide some after-hours support.

The candidate will also support a variety of information systems at varying levels of complexity on the corporate network. This position is a full-time, permanent, on-site position, hybrid and remote options are not available.

Primary responsibilities:

* Perform duties as ISSO in accordance with NIST 800-171 and/or NIST 800-53.

* Develop, maintain, and update security authorization documentation including Con Mon Reports, and audit logs.

* Conduct security control implementation, validation, and assessment activities.

* Perform and document system audits and risk analysis.

* Manage and execute Continuous Monitoring (Con Mon) tasks to ensure compliance throughout the system lifecycle.

* Support configuration management (CM) processes with a minimum of 1-2 years direct CM experience, including review and documentation of system changes, baseline management, and change control.

* Provide incident response support, including investigation, reporting, and remediation of security events.

* Support preparation for internal and external inspections and assessments.

* Support ISSM with other duties as assigned.
We have an impressive range of benefits, programs, and perks that we offer:
Health & Wellness:
* Medical, Dental & Vision Insurance

* Life and Long-Term Disability (LTD)

* Vision Reimbursement

* Fitness Reimbursement
Financial:
* Company-funded 5% contribution to your 401(k) retirement plan

* Company-funded 5% contribution to your Employee Stock Ownership Plan

* Continuing Education Assistance
Work-Life Balance:
* Flexible Scheduling

* Paid Time Off (PTO)

* Paid Parental and Bereavement Leave
What We Value:
* Creativity and innovation in solving challenges

* Integrity and responsibility in all actions

* Collaboration across teams and specialties

* Responsiveness in fast-paced environments

* Passion for national security and excellence
Experiences and Background We Look For (Required Skills):
* Active Top Secret security clearance with ability to obtain a CI polygraph.

* 1-2 years of experience performing ISSO or equivalent cybersecurity duties for classified systems.

* Demonstrated experience with CMMC, NIST 800-171, or NIST 800-53 security controls.

* Hands-on experience in security auditing, continuous monitoring, and documentation of control implementation.

* Current IAT Level II Security Certification or higher (Security+, CASP, CySA+, CISSP, GSEC) or ability to obtain within 3 months of the start date.

* Must have solid technical knowledge on how Windows and Server operating systems are hardened.

* Experience with common information system Cyber Security tools, technologies, and STIGs (Nessus/ACAS, SCAP Compliance Checker, STIG Viewer, Microsoft Group Policy, etc.).

* Strong interpersonal skills, technical writing skills, and the ability to work autonomously and on a team.

* Strong written communication skills and the ability to document/diagram information systems and procedures.

* Must be able to lift 25 pounds.
Nice to Have (Preferred Skills):
* Knowledge of the Risk Management Framework is a plus;

* Experience with Security Directives, Policies, Publications and Regulations including but not limited to the NIST 800-171, NIST 800-53, JSIG and/or ICD 503;

* Experience in one or more of the…