Cybersecurity Analyst in Oakton, Virginia at Apavo Corporation

Job Title: Cybersecurity Analyst

Location: Oakton, VA

Department: Cyber Security Services

Reports To: Management

FLSA Status: Full Time/Non-exempt

Description:

Apavo is at the forefront of cybersecurity, providing services to military, defense, and critical infrastructure industries. Joining the Apavo team means becoming part of a company rooted in the principles of quality, and communication. We value positive, candid interactions and the belief that everyone has valuable contributions to make. Apavo stands out for its commitment to a work-life balance and fostering a growth mindset among all team members. If you are looking to make a meaningful impact in the cybersecurity world while growing professionally in a supportive environment, Apavo is the place for you.

Job Purpose:

The Cybersecurity Analyst supports the Defense Advanced Research Projects Agency (DARPA) mission by executing advanced vulnerability management, compliance, and Continuous Monitoring (ConMon) within complex, multi-enclave Risk Management Framework (RMF) environments. Operating across all classification levels (Unclassified, Secret, TS/SCI, and SAP), this role ensures that standard enterprise systems and unique Research & Development (R&D) systems remain secure and compliant under both Department of Defense (DoD) and Intelligence Community (IC) directives. The analyst serves as the Assured Compliance Assessment Solution (ACAS) Subject Matter Expert (SME), ensuring complete network visibility, verifying directive compliance, and mitigating vulnerabilities across DoDI 8510.01, ICD 503, and JSIG governed environments.

Duties & Responsibilities:

Cybersecurity Analyst responsibilities include, but are not limited to:

Advanced ACAS Administration: Deploy, configure, and manage Tenable Security Center (Tenable.sc) and Nessus scanners across connected and air-gapped enclaves (NIPR, SIPR, JWICS, SAP).

Vulnerability, R&D & Directive Scanning: Execute and analyze credentialed and non-credentialed vulnerability scans. Tailor scan zones, profiles, and asset lists to ensure 100% visibility while preventing disruptions to fragile, experimental DARPA research systems. Perform targeted scanning to determine and verify system compliance with DCDC Communications Tasking Orders (CTOs).

Troubleshooting & Maintenance: Diagnose and resolve complex scanner connectivity issues, WMI/SSH credentialed scan failures, and perform manual/offline plugin and feed synchronizations for isolated, highly classified networks.

Multi-Framework Compliance Validation: Validate findings against DISA STIGs, CIS benchmarks, and specific IC/SAP security baselines. Conduct compliance checks using tools such as SCC, STIG Viewer, and Evaluate-STIG.

Risk & Remediation Tracking: Develop and maintain POA&M documentation. Monitor IAVA/IAVM notices and IC-specific vulnerability alerts. Collaborate with operations and engineering personnel to provide risk-based remediation strategies, tracking mitigation within systems of record (e.g., eMASS, Xacta).

Continuous Monitoring & Upstream Reporting: Execute ConMon activities, integrating ACAS outputs with local SIEM tools (e.g., Splunk) to maintain ongoing authorization and coordinate with the external Cybersecurity Service Provider (CSSP). Support upstream enterprise cybersecurity posture reporting, ensuring accurate data synchronization with the Continuous Monitoring and Risk Scoring (CMRS) system.

DoD & IC RMF Support: Support RMF lifecycle activities across multiple regulatory frameworks—including DoD RMF (DoDI 8510.01), Intelligence Community Directive 503 (ICD 503), and the Joint SAP Implementation Guide (JSIG). Maintain artifacts and map technical scan findings to NIST SP 800-53 and CNSSI 1253 controls.

The Cybersecurity Analyst is expected to have additional duties as assigned in support of corporate cybersecurity services and DARPA mission requirements. Additional details are reviewed in accordance with company policies.

Other:

This is typical office or administrative work, and there is no exposure to adverse environmental conditions.

This position requires sedentary work. Sedentary work is defined as: Exerting up to 10 pounds of force occasionally and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects, including the human body. Sedentary work involves sitting most of the time. Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met.

Apavo Corporation provides equal employment opportunities to all applicants and employees and strictly prohibits any type of harassment or discrimination in regards to race, religion, age, color, sex, disability status, national origin, genetics, sexual orientation, protected veteran status, gender expression, gender identity, or any other characteristic protected under federal, state, and/or local laws.

Consistent with the Americans with Disabilities Act (ADA), it is the policy of Apavo Corporation to provide reasonable accommodation when requested by a qualified applicant or employee with a disability, unless such accommodation would cause an undue hardship. The policy regarding requests for reasonable accommodation applies to all aspects of employment, including the application process. If reasonable accommodation is needed, please contact Apavo Human Resources at hr@apavo.com or 571-407-0069

Employment with Apavo Corporation is on an at-will basis, meaning either you or the Company can terminate the employment relationship, at any time, for any or no reason, and with or without cause or notice. As an at-will employee, your employment with Apavo Corporation is not guaranteed for any length of time.

Qualifications:

• Education/Experience: Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience) with 5–7+ years of experience in DoD/IC cybersecurity, heavily focused on vulnerability management and RMF.
• Clearance: Active Top Secret clearance with SCI eligibility. (Willingness to undergo a Counterintelligence (CI) or Full-Scope Polygraph for SAP readiness is highly preferred).
• DoD Directive: DoD 8570.01-M / 8140.03 compliant for IAT Level II (e.g., Security+ CE, CySA+) or Level III (e.g., CASP+, CISSP).
• ACAS Certification: Current DISA ACAS Operator and/or Administrator training certificate is required.
• Technical Proficiency: Deep, hands-on administrative experience with ACAS (Nessus / Tenable.sc) infrastructure, including offline updates, CMRS integration, air-gapped deployments, and credentialed scan troubleshooting.
• OS/Environment: Computing Environment (CE) certification (e.g., Linux+, Windows Server) or equivalent command-line experience is highly preferred for ACAS host management.
• Framework Knowledge: Strong understanding of DoD RMF (DoDI 8510.01), IC RMF (ICD 503), JSIG, CNSSI 1253, NIST SP 800-53 controls, STIG implementation, and IAVA/IAVM/CTO remediation processes.
• Tooling: Experience with SCC, STIG Viewer, eMASS, Xacta (heavily used in IC/SAP environments), and log aggregation tools (e.g., Splunk).
• Communication: Strong analytical and problem-solving skills, with the ability to communicate technical cyber risks to non-technical program managers and research scientists.