Information Security Analyst

About Lucayan Technology Solutions LLC

At Lucayan Technology Solutions LLC, we deliver secure, innovative solutions in support of national defense and intelligence missions. As a trusted government contracting partner, we provide top-tier intelligence and technology services that safeguard our nation. Our team is mission-driven, and we are committed to building careers that matter.

Location: Tampa, FL (Hybrid) 
Clearance Requirement: Active Secret or TS / SCI Clearance
Employment Type: Full-Time Core business hours with on-call availability

Job Summary 

We are seeking a skilled Information Security Analyst to support cybersecurity compliance and vulnerability management activities for a federal government IT program. You will perform security assessments, manage POA&Ms, support RMF documentation, and contribute to maintaining the security posture of enterprise systems in a DoD environment.

Key Responsibilities 

●    Perform vulnerability scanning, STIG assessments, and security compliance monitoring

●    Develop and manage POA&Ms for identified vulnerabilities in compliance with DoD timelines

●    Support RMF documentation and ATO package development in eMASS

●    Assist with cyber incident identification, reporting, and response activities

●    Support external security assessments, audits, and penetration tests

●    Maintain security compliance documentation and cybersecurity workforce qualification records

●    Assist with Privacy Impact Assessments and information protection compliance monitoring

Required Qualifications 

●    U.S. Citizenship required

●    Active Secret or TS/SCI and/or ability to obtain; 

●    Bachelor's degree in a relevant field OR DoD 8570/8140 IA baseline certification

●    Minimum 3–5 years of information security experience in a federal or DoD environment

●    Working knowledge of NIST SP 800-53, RMF, and STIG compliance requirements

●    Hands-on experience with ACAS, SCC/SCAP, or similar vulnerability scanning tools

Preferred Qualifications 

●    Security+, CEH, or equivalent DoD 8570 certification

●    eMASS experience for RMF package support

●    Familiarity with application security scanning tools (Fortify, Sonatype, BurpSuite)

●    Knowledge of federal privacy compliance requirements

Certifications

●    DoD 8570 baseline certification required (Security+ or equivalent)