RMF Cybersecurity Analyst (Linux Systems)

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field with 6+ years of experience, or 10+ years equivalent experience.
• Strong hands-on experience with:
• Nessus / ACAS vulnerability scanning
• STIG implementation and validation
• POA&M development and management
• RMF processes and continuous monitoring
• Familiarity with:
• NIST 800-53 controls
• eMASS or equivalent RMF tools
• Experience working within DoD RMF environments (ATO lifecycle).
• Experience administering Linux systems (RHEL preferred).
• Ability to interpret and remediate security findings on Linux platforms.
• Must meet DoD 8140 (IAT Level II or higher) requirements (e.g., Security+, SSCP, GSEC).
• U.S. Citizenship required.
• Active Secret clearance required. Must be able to maintain the security clearance required for this position.

Nice To Haves

• Familiarity with:
• Red Hat Satellite
• OpenShift / Kubernetes environments
• DevSecOps pipelines
• Experience supporting Army or DoD enterprise environments.
• Experience with automation tools (Ansible, Terraform) for remediation.
• Linux certification (e.g., RHCSA, Linux+).
• Understanding of Zero Trust architecture principles.

Responsibilities

• Perform vulnerability scanning using Nessus (ACAS) across Linux environments.
• Analyze scan results and conduct vulnerability triage and prioritization.
• Execute and track scan remediation activities in coordination with system owners and engineers.
• Develop, maintain, and validate Plan of Action and Milestones (POA&M) artifacts.
• Apply and validate DISA STIGs for Linux operating systems (e.g., RHEL 8/9).
• Support RMF 2.0 lifecycle activities, including:
• Control implementation
• Continuous monitoring
• Security control assessments
• Maintain and update eMASS artifacts, including controls, vulnerabilities, and system status.
• Support Independent Security Assessments (ISA) and ATO sustainment activities.
• Ensure alignment with NIST 800-53 / CNSSI 1253 controls and DoD cybersecurity policies.
• Administer and maintain Linux systems (RHEL/CentOS) in secure environments.
• Implement and validate security hardening configurations.
• Support patching and configuration management to remediate vulnerabilities.
• Assist with system baselining and compliance validation.
• Collaborate with DevSecOps teams to integrate security into CI/CD pipelines.
• Support the automation of remediation activities using tools such as Ansible.

Benefits

• Long-term financial security
• Higher job satisfaction
• Greater job security
• Personal and professional growth
• Great company culture
• Excellent insurance coverage
• 401(k) match
• Generous PTO
• Health and wellness incentives
• Tuition and certification reimbursement
• Countless opportunities to give back to the community through i3 Cares