Full-Time
Information System Security Officer
Information Technology
Posted on 7/28/2025
NexThreat
1-10 employees
Deployed detection analytics for Fortune 50
No salary listed
No H1B Sponsorship
Alexandria, VA, USA
Remote
US Citizenship Required
 IT & Security (1) |
|---|
- Bachelor's degree in Computer Science, Information Systems, or a related field.
- Proven experience in cybersecurity, RMF, or a related field.
- Familiarity with cloud security compliance requirements and configurations.
- Strong analytical and problem-solving skills.
- Maintain and renew existing Impact Level 4 (IL4) cloud ATO.
- Update records in the Enterprise Mission Assurance Support Service (eMASS), CWBI Hub, and Confluence.
- Analyze Personally Identifiable Information (PII) and Controlled Unclassified Information (CUI) within CWBI.
- Maintain and update Record Management Surveys (RMS) and supporting documents.
- Coordinate with SCA-V or DoD Continuous Monitoring program for assessments.
- Perform post-assessment actions, including creating a Plan of Action and Milestones (POA&M) and Security Assessment Reports (SAR).
- Facilitate CWBI change management activities utilizing standard DevSecOps solutions.
- Track change management items from reception to completion.
- Conduct security impact assessments for proposed changes.
- Analyze CWBI modules for configuration changes using automated means.
- Establish and maintain baseline hardware and software configurations, as well as documentation for ports, protocols, and services management (PPSM).
- Update CWBI system documentation in eMASS, Army Portfolio Management Solution (APMS), CWBI Hub, and Confluence as required.
- Conduct Assured Compliance Assessment Solution (ACAS), Host Based Security System (HBSS), and Army Endpoint Security Solution (AESS) scanning.
- Coordinate system access for necessary scans.
- Compile and analyze monthly vulnerability reports, categorizing impact levels and assisting CWBI PMO in prioritizing work to mitigate risks.
- Provide code vulnerability testing, dynamic code scanning, and cloud storage management services compatible with tools such as Burp Suite, Cloudberry, and ThunderScan.
- Conduct Security Content Automation Protocol (SCAP), Security Technical Implementation Guide (STIG), and Federal Risk and Authorization Management Program (FedRAMP) analyses.
- Perform quarterly SCAP and STIG assessments and analyze results for impacts/risks.
- Upload results into eMASS and assist CWBI PMO with risk prioritization.
- Continuously monitor system security events via logging and monitoring tools.
- Process event log notifications and create service tickets for appropriate technical groups.
- Track service ticket resolutions until successful completion.
- Relevant certifications (e.g., CISSP, CISM, Security+) preferred.
NexThreat provides security detection analytics to help large organizations identify and respond to digital threats. The company’s products work by deploying specific detection methods across a client's infrastructure to monitor data and flag suspicious activity. Unlike many consulting firms, NexThreat distinguishes itself through the scale of its deployments, serving a high volume of Fortune 50 companies, military branches, and government agencies. Its goal is to secure complex environments by providing proven analytical tools that protect critical data and systems.
Company Size
1-10
Company Stage
N/A
Total Funding
N/A
Headquarters
Reston, Virginia
Founded
2016
Simplify's Take
What believers are saying
- MelkoTech acquisition on January 2, 2024, adds cybersecurity staffing expertise.
- CEO Ruben Gavilan notes enhanced machine learning via talent integration.
- HUBZone internships build compliant talent pipeline for government clients.
What critics are saying
- MelkoTech integration fails from cultural clashes, causing recruiter attrition in 12-24 months.
- Lockheed Martin poaches 3-5 key engineers, eroding detection moat in 12-18 months.
- Booz Allen acquires NexThreat, ending independence in 18-36 months.
What makes NexThreat unique
- NexThreat leads in detection analytics deployed across Fortune 50, military, and agencies.
- Certified 8a, SDVOSB, and HUBZone for federal contracting advantages.
- Specializes in AI-driven threat detection and compliance automation.
Help us improve and share your feedback! Did you find this helpful?
Benefits
Health Insurance
Dental Insurance
Vision Insurance
401(k) Retirement Plan
401(k) Company Match
Life Insurance
Short-Term and Long-Term Disability Insurance
Flexible Spending Account/Flexible Spending Account
Profit Sharing
Employee Referral Bonus