Information System Security Analyst (ISSA)

Corvid Technologies is seeking a hands-on Information System Security Analyst (ISSA) to support our Corporate Information System Security team. This role is focused on the technical execution of the Risk Management Framework (RMF) efforts. You will be responsible for the "front-line" security work: scanning systems, hardening configurations, and gathering the technical evidence required to maintain our Authorizations to Operate (ATOs) for a subset of systems.

This is an ideal role for an early career technical professional who enjoys working across diverse environments (Windows and Linux) and wants to contribute to cutting-edge defense engineering projects.

Primary responsibilities include:

• System Oversight: Perform routine security sustainment activities, including audit log reviews, media protection, and hardware/software baseline audits supporting standalone or small enclave systems.
• Technical Compliance: Validate system hardening by applying DISA STIGs and SRGs to Windows and Red Hat Enterprise Linux (RHEL) systems.
• Vulnerability Management: Conduct regular vulnerability scans using Tenable Nessus/Security Center; analyze results and assist system administrators in remediating findings.
• RMF Artifacts: Generate and organize technical evidence for SSPs, POAMs, and RARs. Manage and update records within Enterprise Mission Assurance Support Service (eMASS).
• Configuration Management: Work with System Administrators to ensure all changes to the environment maintain a strong security posture and follow approved change control processes.
• Incident Support: Support the IS Security team in investigating and reporting potential security incidents or spills.

Position Requirements:

• Candidate must be a U.S. Citizen and possess (and maintain) a Secret Clearance
• Position requires a Bachelor's Degree in a related discipline and at least 1 year in Cybersecurity, Information Technology, or System Administration (experience can substitute for the degree requirement)
• IAT Level II certification (e.g., CompTIA Security+ CE) is required (candidate may obtain certification within 90 days of hire)
• Candidate should demonstrate familiarity with NISPOM, DAAPM, RMF, CMMC and other NIST (i.e., 800-171, NIST-53) publications
• Hands-on experience with STIG Viewer and SCAP Compliance Checker (SCC) as well as familiarity with ACAS (Nessus) scanning and reporting functions
• Basic administration skills in Windows and RHEL are required
• Preferred candidates will have scripting experience (e.g., PowerShell, Bash)
• Ability to travel up to 10% to support compliance efforts at remote sites

About Corvid:

Corvid Technologies is an engineering firm specializing in using high-fidelity, computational modeling and simulation to analyze, design and manufacture products for aerospace, DoD, and commercial customers. We offer a fast-paced and flexible work environment that encourages creativity and collaboration. Our team works on difficult, cutting-edge technical challenges using state-of-the-art technologies and resources.

Why Corvid:

We value our employee-owners and in addition to providing challenging work opportunities and competitive pay, Corvid believes in providing a strong benefit package that provides value to our team members at all stages of their career.

Corvid benefits include:

• Employee Stock Ownership Plan via our generous 401(k) Matching
• Medical Insurance via Blue Cross - including a PPO and High-Deductible offering (with company HSA contribution)
• Paid Time Off (PTO) based on years of industry experience (not tenure)
• Career Development and Continuing Education opportunities
• Company provided life, long-term and short-term disability insurance
• Incentive opportunities to reward strong performance and corporate growth
• Attractive corporate facilities that include Lake Norman access, out-door activities (including grills) and more