Information Security Analyst (Journeyman)

:

Who We Are: Oasys International, LLC (Oasys) is a rapidly expanding firm that has been recognized on Inc. 5000 magazine's list of the fastest-growing companies for five consecutive years. We are a dynamic organization dedicated to providing world-class technology consulting services through our team of expert technologists, consultants, engineers, and subject matter experts. At Oasys, we prioritize continuous learning, a healthy work-life balance, and a collaborative work environment. Our culture is merit-based, recognizing and rewarding performance and fostering a supportive and social atmosphere.

Position Summary:

Oasys is seeking an Information Security Analyst support the United States Coast Guard (USCG) at the Aviation Logistics Center (ALC)—Information Systems Division (ISD). The Information Security Analyst will support ongoing cybersecurity operations, continuous monitoring, risk assessments, and security compliance activities aligned with the DHS 4300A, NIST 800-53, and RMF standards.

The successful candidate will work closely with security engineers, system administrators, auditors, and federal stakeholders to evaluate and implement effective security measures that protect mission-critical systems and ensure audit readiness.

Primary Responsibilities:

• Support the implementation, monitoring, and continuous improvement of cybersecurity controls across enterprise systems, networks, and applications.
• Participate in and support the full lifecycle of the Risk Management Framework (RMF), including security categorization, control selection, implementation, assessment, authorization, and continuous monitoring.
• Monitor and analyze alerts and logs from Security Information and Event Management (SIEM) systems to identify threats and suspicious activities.
• Conduct vulnerability scans, assist in POA&M development, and provide recommendations for remediation and mitigation strategies.
• Review and support the development of System Security Plans (SSPs), Security Assessment Reports (SARs), Contingency Plans (CPs), and Incident Response Plans (IRPs).
• Conduct cyber risk assessments on systems, applications, and infrastructure to identify potential security gaps and recommend improvements.
• Assist in drafting and reviewing security documentation, audit findings, after-action reports, and compliance assessments.
• Collaborate with security control assessors to validate control implementations and test compliance to internal policies and federal guidelines.
• Support awareness and training initiatives to promote cybersecurity best practices across program teams.
• Provide input into policy, procedure, and standard development to ensure alignment with federal regulations and emerging threats.
• Evaluate security solutions and provide input on system security designs, ensuring defense-in-depth strategies.
• All other duties as assigned by management.

Skills/Qualifications:

• Understanding of cybersecurity principles, RMF processes, and federal compliance requirements.
• Hands-on experience with vulnerability management, log analysis, or SIEM operations.
• Familiarity with network security, identity and access management, and endpoint protection.
• Basic proficiency in federal cybersecurity frameworks including FISMA, DHS 4300A, NIST 800-53, and NIST 800-37.
• Ability to develop security documentation and effectively communicate findings to both technical and non-technical audiences.
• Strong analytical, organizational, and documentation skills.

Education/Experience Requirements:

• Bachelor's or Associate's degree in Computer Science, Math, Information Technology, Engineering, or related field. Two (5) years of directly relevant experience may substitute for one (1) year of formal education.
• Minimum of two (2) years of experience in Information security as analyst or in security operations.
• Minimum of two (2) years of experience with Security Information and Event Management (SIEM).
• Minimum of two (2) years of experience in the risk management framework.
• Basic knowledge of the following: Active Directory, UNIX, Windows, Relational Databases.
• Demonstrated experience working in support of federal government enterprise applications preferred.

Clearance:

• U.S. citizenship required
• Must have an active DoD Secret Clearance.

Certification Requirement

• CompTIA Security+
• Additional certifications (Network+, AWS Certified Cloud Practitioner, Microsoft Azure Fundamentals, ITIL Foundation, TOGAF, or other security architecture frameworks) are a plus.

Work Location:

• Elizabeth City, NC - On-Site (Full-Time)

Oasys is proud to be an equal opportunity employer for all protected groups, including protected veterans and individuals with disabilities.