Skip to main content
Jamf Nation, hosted by Jamf, is a knowledgeable community of Apple-focused admins and Jamf users. If you like what you see, join us in person at the ninth annual Jamf Nation User Conference (JNUC) this October for three days of learning, laughter and IT love.


Assist Cyber Security Division in maintaining all Certification and Accreditation decisions. Test all Macintosh solutions and infrastructure changes in the Enterprise Test Environment to ensure they are interoperable, do not impact system performance or availability, and are secure in accordance with all DoD, and all other applicable security policies.

We are seeking an Information Security Analyst/Engineer, to join our project team in the metropolitan Washington, DC, area supporting customers in the Pentagon.

Job Description

The Information Assurance Security Analyst/Engineer (you) will oversee agency performance of security risk assessments, system threat assessments, vulnerability assessments, and penetration analyses of computer networks; review of security plans, vulnerability assessments, and other plans; evaluation of information system and network access control.


Duties include, but are not limited to, the following:

  1. Serve as a Cybersecurity threat analyst for DoD Macintosh clients. Monitor, evaluate, and review Cybersecurity threat activity as it pertains to the approved Macintosh image. Work with engineering to validate their STIG-compliant Mac OS image.
  2. Coordinate and provide guidance, assistance, and recommended courses of action to ensure compliance with DoD policies for threat mitigation and incident handling.
  3. Support the design, development, and coordination of relationships and solutions to resolve problems within the specialty area, leveraging analytical expertise in and knowledge of advanced theory and current practices in Cybersecurity.
  4. Assist with managing Cybersecurity and Information Assurance programs for DoD clients.
  5. Analyzes security requirements to determine if they meet government-mandated security policies.
  6. Assist with activities associated with responding to a security-related incident or disaster recovery/business continuity.
  7. Coordinates with members of the cybersecurity unit to ensure an understanding of agency-specific context surrounding cybersecurity needs.
  8. Performs risk analyses, including risk assessments.
  9. Examines and reports to unit personnel on policy and standard compliance for Federal networks.
  10. Perform analysis of systems, programs, or planning activities, including the development of technical documentation and analysis of policies, procedures, and IA- and Cyber-related programs and initiatives.
  11. Assist with writing, reviewing, or verifying Programs of Actions and Milestones (POA&Ms) and other associated documents, including System Security Plans (SSP), Continuity of Operations (COOP) and Disaster Recovery (DR) plans, Vulnerability Management (VM), and Configuration Management Plans (CMP).
  12. Prepare, register, and submit system information and vulnerability POA&Ms to government databases (eMASS) to comply with DoD directives and regulations, to assist with tracking information system status and progress of the POA&Ms.
  13. Author and brief technical concepts to non-technical audiences and key stakeholders.
  14. Engage stakeholders across the DoD, collect and assimilate data, define business rules, and communicate the analysis to clients and leadership.

1. Test all Macintosh solutions and infrastructure changes in the Enterprise Test Environment to ensure they are interoperable, do not impact system performance or availability, and are secure in accordance with all DoD, and all other applicable security policies.
2. Comply with the appropriate DISA JSP, DoD, and National Institute of Standards and Technology (NIST) approved IA architecture, policies, programs, standards and guidelines to include the NIST Risk Management Framework (RMF). 3. Assist Cyber Security Division in maintaining all Authorization/Certification and Accreditation decisions.
4. Serve as cyber security liaison for the JSP Operations Division to JSP Cyber Security Division to provide common communications for direct implementation of USCYBERCOM Directives, Federal Initiatives, and coordinating and prioritizing mitigation strategies.
5. Coordinate and collaborate with System Administrators, Application Developers, and other IT support groups to implement all information systems security requirements (patches, updates, and configuration changes) as required and within the directed time frame.


• 5+ years of experience with Information Assurance or Cybersecurity regulations and requirements.
• 5+ years of experience with threat intelligence, incident handling, or supporting computer network defense.
• 2+ years of experience in or supporting system engineering (macOS, Linux, or Windows)
• Experience with DoD information assurance guidance, including AR 25-2, FISMA, Information Security Continuous Monitoring (ISCM), NIST SP 800-37/39/53/137.
• Experience with DoD RMF Assessment and Authorization (A&A) / DIACAP Certification and Accreditation (C&A) processes.
• BA or BS degree in a computer or STEM field, or commensurate work experience in the field of IT Security.
• DoD 8570 Professional Compliance IAT III Qualifying Certification (one of the following) (ISC)2 CISSP, GIAC GCIH/GCED, or ISACA CISA.

Applicants selected will be subject to a security investigation and will need to meet eligibility requirements for access to classified information; ability to obtain a Secret clearance is required.

Company Description

Zantech IT is an Equal Opportunity Employer.
EOE/Minorities/Females/Veterans/Disabled are encouraged to apply.

Zantech IT Services, Inc. provides IT, engineering and program management services to federal government and industry clients.

Located in Tysons Corner, VA, Zantech provides Federal Government agencies with the solutions and expertise to improve customer services and maintain high levels of customer satisfaction. By focusing on standards-based processes and tools, Zantech helps its clients meet their mission objectives, maintain mission critical functions, and transform mission sensitive systems.

Zantech is totally focused on providing “Outstanding Performance…Always” to its customers.
To apply to this position, email your resume to: or apply online: <>

Additional Information

Additional Desired Qualifications:
• Knowledge of the spectrum of Cybersecurity tools and processes, including intrusion detection, intrusion prevention, eradication tools and procedures, cross-domain solutions, multiple level security solutions, and wireless personal electronic devices.
• Experience with JAMF Casper or other macOS/iOS MDM.
• 1+ years of experience in a security operations center.
• Experience with IA hardware, including firewalls, border routers, Security Information and Event Manager (SIEM), and Intrusion Detection Systems (IDS) or software tools, including Wireshark, Snort, ArcSight, SCCM, or SolarWinds.
• Knowledge of DoD Cybersecurity tools and systems, including: – Host Based Security System (HBSS) – Assured Compliance Assessment Solution (ACAS) – Continuous Monitoring Risk Scoring (CMRS), or – Enterprise Mission Assurance Support Service (eMASS)
• Experience with the principles, approaches, and technologies associated with at least four separate technical InfoSec disciplines including: – application security – infrastructure security – mobile security – identity and access management – incident response – threat intelligence – information protection – security monitoring – vulnerability assessment
•Experience with at least two management-focused InfoSec disciplines: – strategy design – enterprise risk management – organizational design – organizational change management – performance management – awareness and training – supplier risk management

How to Apply

To apply to this position, email your resume to: or apply online: <>

Created: by computermedics
Modified: by bran
to edit a job you've posted or to post a new job