Information Security Analyst

About Lucayan Technology Solutions LLCAt Lucayan Technology Solutions LLC, we deliver secure, innovative solutions in support of national defense and intelligence missions. As a trusted government contracting partner, we provide top-tier intelligence and technology services that safeguard our nation. Our team is mission-driven, and we are committed to building careers that matter.Location: Tampa, FL (Hybrid)Clearance Requirement: Active Secret or TS / SCI ClearanceEmployment Type: Full-Time Core business hours with on-call availabilityJob SummaryWe are seeking a skilled Information Security Analyst to support cybersecurity compliance and vulnerability management activities for a federal government IT program. You will perform security assessments, manage POA&Ms, support RMF documentation, and contribute to maintaining the security posture of enterprise systems in a DoD environment.Key ResponsibilitiesPerform vulnerability scanning, STIG assessments, and security compliance monitoringDevelop and manage POA&Ms for identified vulnerabilities in compliance with DoD timelinesSupport RMF documentation and ATO package development in eMASSAssist with cyber incident identification, reporting, and response activitiesSupport external security assessments, audits, and penetration testsMaintain security compliance documentation and cybersecurity workforce qualification recordsAssist with Privacy Impact Assessments and information protection compliance monitoringRequired QualificationsU.S. Citizenship requiredActive Secret or TS/SCI and/or ability to obtain;Bachelor's degree in a relevant field OR DoD 8570/8140 IA baseline certificationMinimum 3–5 years of information security experience in a federal or DoD environmentWorking knowledge of NIST SP 800-53, RMF, and STIG compliance requirementsHands-on experience with ACAS, SCC/SCAP, or similar vulnerability scanning toolsPreferred QualificationsSecurity+, CEH, or equivalent DoD 8570 certificationeMASS experience for RMF package supportFamiliarity with application security scanning tools (Fortify, Sonatype, BurpSuite)Knowledge of federal privacy compliance requirementsCertificationsDoD 8570 baseline certification required (Security+ or equivalent)