Information Assurance Analyst
About The Position
Live, Work, and Make an Impact in Paradise! Are you an Information Assurance expert looking to advance your career while living in a place most people only get to visit? SMX is seeking a talented Information Assurance Analyst to join our dedicated team in beautiful Key West, Florida. This is more than just a job; it's an opportunity to play a vital role in protecting our nation's security. As a key member of our team, you will be a hands-on technical assessor, responsible for executing the detailed security compliance work that underpins the security of critical information systems for our clients, including USSOUTHCOM and its Component Commands. This position requires an Active DoD Top Secret with the ability to obtain SCI clearance which requires US citizenship for work on DoD contracts. Application Deadline: March 30, 2026 This position is onsite in Key West, FL As an Information Assurance Analyst, you are the technical engine of our security assessment process.
Requirements
- Active DoD Top Secret clearance with the ability to obtain and maintain SCI eligibility
- A Bachelor's Degree in a computer or systems science discipline (or equivalent relevant experience)
- At least three (3) years of progressive, relevant experience in Information Assurance
- DoD Information Assurance Management (IAM) Level II certification
- A strong understanding of the Risk Management Framework (RMF) and DoD IA policies (eg, CJCSM 651001)
- Experience working with US DoD commands
- Excellent communication and interpersonal skills, with a collaborative, team-first attitude
Nice To Haves
- Previous experience as an Information Systems Security Manager (ISSM) or DOW Systems Administrator
- Hands-on experience with security management tools such as eMASS, Telos, or Xacta
Responsibilities
- Execute Security Control Assessments: Assess and document the compliance of NIST 800-53 security controls for multiple Assessment and Authorization (A&A) packages within eMASS, providing the foundational analysis for the Risk Management Framework (RMF) process as directed by team leadership
- Develop Compliance Documentation: Author security control implementation statements, gather evidence, and develop security policies
- Validate and upload all compliance artifacts to the official record in eMASS
- Analyze Scan Data: Analyze vulnerability and compliance scan reports from tools like ACAS and Nessus, using the data as evidence to support your security control assessments and document deficiencies
- Manage Device Approvals: Own the end-to-end approval process for Portable Electronic Devices (PEDs)
- Vet requests for personal, medical, and operational devices against policy and coordinate the signature approval workflow
- Identify and Report Deficiencies: Document control deficiencies and non-compliance within your assessment reports in eMASS, providing the objective data necessary for the creation of Plans of Action & Milestones (POA&Ms)
- Ensure Data Accuracy: Identify and flag outdated or inaccurate system information (eg, hardware/software lists) within A&A databases to the ISSM for correction, ensuring the integrity of our records
- Collaborate and Report: Actively engage with engineers and system administrators to acquire necessary evidence, and report your assessment status and progress to the Site Lead and ISSM
Benefits
- health insurance
- paid leave
- retirement
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
