Security Technical Implementation Guide (STIG) Analyst jobs in United States
cer-icon
Apply on Employer Site
company-logo

CACI bv · 3 hours ago

Security Technical Implementation Guide (STIG) Analyst

positionVA
timeFull-time
remoteOnsite
senioritySenior Level, Lead/Staff
money$63K/yr - $130K/yr
date8+ years exp

CACI is a company dedicated to ensuring the safety of the nation through innovative solutions. The STIG Analyst will play a critical role in the EITaaS program by identifying, tracking, reporting, and mitigating STIG findings for the Department of the Air Force, enhancing the overall security posture of Air Force IT infrastructure.

ConsultingEducationTraining
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Conduct monthly reviews of Tenable and SteelCloud STIG reports
Analyze STIG data to remediation actions and identify responsible parties to conduct those actions
Review updates to DISA STIGs when new ones are published
Document comprehensive action plans for identified STIGs
Prioritize STIGs based on severity, potential impact, and exploitability
Develop and maintain custom STIG reports tailored for individual Air Force bases
Clearly communicate which STIGs will be remediated by the Enterprise and the expected timelines
Provide specific, actionable feedback to Air Force bases and leadership on how to remediate STIGs they are responsible for
Ensure recommendations are practical, aligned with Air Force policies, and feasible within the base’s resource constraints
Work closely with base IT teams, Enterprise security teams, and other stakeholders to ensure effective STIG management
Participate in regular meetings and briefings to discuss STIG trends, remediation progress, and emerging threats
Engage with the Cyber Security Dashboard team to identify improvements to automated messaging regarding STIGs
Stay current with the latest STIG trends, threat intelligence, and best practices in STIG management
Recommend process improvements and tool enhancements to streamline STIG assessment and remediation efforts

Qualification

STIG managementSecurity+ certificationTenable STIG scanning toolsExcelPivot tablesSTIG ViewerCLK filesAnalytical skillsProblem-solving skillsWritten communicationVerbal communicationTeamworkOrganizational skills

Required

Secret Clearance
8+ Years of relevant experience (Bachelor's Degree in applicable field may be substituted for 5 years of experience)
Security+ certification (or equivalent)
Minimum of 3 years of experience in STIG management or a related cybersecurity role
Experience with Tenable or similar STIG scanning tools
Familiarity with Air Force IT systems and security protocols is a plus
Working Knowledge of Excel and pivot tables
Experience with STIG Viewer and CLK files
Strong analytical and problem-solving skills
Excellent written and verbal communication skills
Ability to work independently and as part of a team
Detail-oriented with strong organizational skills

Preferred

Experience in creating and managing custom STIG reports
Knowledge of Air Force or DoD security standards and regulations
Proven track record of successful STIG remediation projects

Benefits

Healthcare
Wellness
Financial
Retirement
Family support
Continuing education
Time off benefits

Company

CACI bv

twittertwittertwitter
company-logo
CACI levert, implementeert en beheert bedrijfskritische oplossingen voor het Hoger Onderwijs: het StudentInformatieSysteem OSIRIS en LISA voor zaakgericht werken.
dateFounded in 1997
location
Amsterdam, Noord-Holland, NLD
people-size51-200 employees
web-link
https://www.caci.nl

Funding

Current Stage
Growth Stage
Company data provided by crunchbase