Job Title: Cybersecurity Analyst

Location: Portsmouth, VA (Onsite)

Clearance: Top Secret

Start: Based on Contract Award

Discover an exciting career at Foxhole Technology, an innovative IT Engineering firm founded in 2007. As leaders in cybersecurity, DEVSEC OPS, Agile Development, Cloud and IT support for federal civilian and defense agencies, we're at the forefront of addressing complex technology challenges. Our talented employee-owners provide agile, scalable solutions, bridging operational gaps, operating critical systems, and securing enterprises worldwide. If you're ready to be part of a team driving impactful innovations, apply today and shape the future of IT with us!

Foxhole Technology is seeking an experienced Cybersecurity Analyst to support a federal government client. The position requires assisting in Cyber Security (CS) readiness reporting, assessing the cyber security posture, and identifying trends and processes potentially dangerous to network security. The individual will also identify incomplete Information Assurance Vulnerability Management (IAVM) security patches for network assets and incomplete network scans that may pose a potential risk. Assist in the revision of the entire end-to-end A&A process.

• Verify Information Assurance (IA) and Cyber Security (CS) data for units reported via various databases such as Enterprise Mission Assurance Support Service (eMASS), Vulnerability Remediation Asset Manager (VRAM), etc.
• Compile and analyze data and develop a weekly/monthly CS Dashboard for  leadership review.
• Communicate feedback to senior stakeholders the identified CS vulnerabilities and coordinate corrections, collect responses and validate reporting.
• Provide support in drafting leadership strategies, plans, policy, and procedures.
• Process requests for use of computer equipment and accessories on site used by Contractors. Inspect the equipment and issue a for-use memo.
• Assist with the generation of assessment framework and methods for continued improvement of IA documentation, policy and procedures and IA/CS requirements for defending environment architectures.
• Assist with Assured Compliance Assessment System (ACAS) scans, ensuring daily Nessus plugin file signatures to help meet our continuous monitoring security posture efforts.
• Support cross-functional coordination with Information System Security Managers (ISSMs), System Owners, and Network Engineers to ensure cyber policy implementation, asset compliance, and secure system design lifecycle integration.
• Ensure audit artifacts are accurate, complete, and accessible, including evidence of continuous monitoring, patch management, user account management, and vulnerability remediation efforts.
• Coordinate with ISSMs, Information System Security Officers (ISSOs), and system owners to validate that all systems are in compliance with the Risk Management Framework (RMF) requirements and audit readiness standards.
• Track and report the status of audit findings and ensure all findings are assigned to responsible stakeholders, properly documented in the Plan of Action and Milestones (POA&Ms) and resolved within designated timelines.
• Support the development and delivery of audit preparation training and awareness materials for staff, ensuring all personnel understand their roles and responsibilities in maintaining cyber audit readiness.

• Minimum of 4 years of experience in CS analysis in support of Cyber metrics analysis, incident response and mitigation; risk mitigation analysis, developing contingency plans
• BS Degree in IT or related discipline
• Active DoD Top Secret Clearance

• Experience with Cyber applications, [e.g., ACAS, HBSS, MDE, MDI, Splunk]
• Expert and Mastery levels with institutional knowledge and a minimum of 4 years’ experience, on the mission critical procedures, systems, and processes, as they pertain to Information Technology and Cyber Security requirements.
• Expert knowledge of and experience with CS requirements as defined by Public Laws, National, DoD, and DON guidance [e.g., Federal Information Security Management Act (FISMA), DoDD 8100.02, DODI 8500.01, DoDI 8520, DoDI 8530, DoDI 8531, SECNAV 5239 Series and OPNAV 5239 Series, NIST Special Publications Series 800, etc.]
• Fully qualified in accordance with DoD 8570.01M.
• Security + or higher certification

Requirements of position:  Think analytically, effective verbal and written communication skills, make decisions, observe/remember details, interpret data, concentrate on tasks, adjust to change, handle stress/emotions.  Regular attendance, maintain work schedule, attend meetings, meet deadlines, keyboard/type, handle confidential information, use math/calculations, stay organized, operate office equipment, may direct others.  May be exposed to dust/dirt, humidity, and noise.

Foxhole Technology is an Equal Opportunity Employer and makes hiring decisions without regard to race, color, religion, sex (including pregnancy, childbirth and sexual orientation), national origin, age, disability, genetic information, military/veteran status, or any other protected class.