DoW Junior Cloud RMF Analyst

Tetrad Digital Integrity (TDI) is a cybersecurity firm built for high-consequence environments where mission, complexity, and trust intersect. Our single focus has been delivering cyber solutions to effectively manage risk & the business of cyber for 25 years!

TDI is seeking a Junior Cloud RMF Analyst to support RMF and security execution for a mission-critical cloud-hosted defense system. This is a growth role for an early-career cybersecurity professional who is organized, coachable, mission-focused, and ready to build real-world experience in DoD cloud security and RMF operations. The role is designed for candidates with a solid foundation in cybersecurity, an active clearance, and the discipline to operate in a high-visibility environment where accuracy, follow-through, and customer trust matter.
This is not a passive documentation role, but it is also not a sink-or-swim senior ISSO position. You will work alongside experienced ISSOs, ISSMs, and engineering teams to support the RMF engine room: maintaining artifact quality, tracking POA&Ms, collecting and organizing evidence, supporting Continuous Monitoring, and helping ensure that documentation stays aligned to system reality as the environment evolves. If you are the kind of person who learns quickly, writes clearly, stays organized under pressure, and wants to grow into a cloud-savvy ISSO role supporting consequential national security systems, we want to meet you.
RESPONSIBILITIES:

• Support day-to-day RMF execution across the system lifecycle under the guidance of senior cybersecurity staff.
• Assist with development and maintenance of RMF artifacts including SSPs, SAR support materials, POA&Ms, control implementation details, evidence mappings, and supporting documentation.
• Collect, organize, and maintain evidence needed to support assessments, audits, Continuous Monitoring, and authorization activities.
• Support POA&M management with discipline: track remediation items, owners, due dates, status updates, and closure evidence.
• Help ensure documentation, evidence, and system reality remain aligned as approved changes occur through normal governance and configuration management processes.
• Support Continuous Monitoring activities by maintaining artifact freshness, tracking recurring deliverables, and helping prepare metrics and status updates.
• Review vulnerability scan outputs, STIG findings, and remediation documentation to support compliance tracking and risk reduction efforts.
• Coordinate with engineering, platform, and DevSecOps teams to gather evidence and confirm implementation details for security controls.
• Support security documentation and control traceability for cloud-hosted environments, including systems using modern platforms and managed cloud services.
• Contribute to process improvement efforts that reduce manual compliance work and improve quality, consistency, and audit readiness.
• Build practical knowledge of DoD RMF, NIST SP 800-53, cloud security concepts, and real-world control implementation in operational environments.

QUALIFICATIONS:

• Active Secret clearance.
• Bachelor’s degree in cybersecurity, information systems, computer science, engineering, or a related field, or equivalent relevant experience.
• 1–2 years of experience in cybersecurity, cloud security, compliance, risk management, IT operations, or related technical work.
• Security+ certification.
• Foundational knowledge of RMF, NIST SP 800-53, FedRAMP, or related cybersecurity/compliance frameworks.
• Basic familiarity with one or more cloud platforms such as AWS, Azure, or GCP, active path to obtain professional-level Google certification within a defined period after hire, is preferred.
• Familiarity with core security concepts such as access control, logging and monitoring, vulnerability management, configuration management, encryption, and incident response.
• Strong writing and communication skills with the ability to produce clear, professional, customer-ready documentation with guidance.
• Strong organizational skills, attention to detail, and follow-through across multiple tasks in a fast-moving environment.
• Ability to learn quickly, accept coaching, and work effectively with both technical and non-technical stakeholders.

PREFERRED QUALIFICATIONS:

• Exposure to cybersecurity internships, academic research, lab work, cloud coursework, or compliance documentation.
• Familiarity with SSPs, POA&Ms, STIGs, Nessus/ACAS, or audit/evidence collection is preferred.

OVERALL MATCH:
We are seeking early-career professionals who have already demonstrated a track record of excellence through academics, military service, internships, research, certifications, or hands-on technical work. The ideal candidate brings discipline, intellectual curiosity, strong writing, and a genuine drive to master cybersecurity, cloud, RMF, and emerging technologies. This is a true entry point into mission-critical defense work, but it is intended for high-potential performers who are ready to learn quickly, execute with rigor, and grow into larger responsibility over time.
 

TDI does business with the federal government, which restricts employment to individuals who are either US citizens or lawful permanent residents of the United States.

“TDI is an Equal Opportunity Employer. Employment decisions are made based on individual qualifications, merit, and business needs. We do not discriminate in employment opportunities or practices based on race, color, religion, sex, or national origin, in accordance with applicable federal laws.”