Connect | Develop | Excel
We are not your typical contracting company. APTNEXUS is a next-generation consulting firm. Our team members are amazing, hard-working consultants who value growing careers that align with their lifestyles.
To employ, develop, and provide fulfilling careers for diverse critical thinkers in IT & Cybersecurity who optimize the effectiveness of our customer’s IT investments and increase the protection of their data.
We offer a generous benefits packages that helps you balance work & life while accelerating growth towards achieving your career objectives.
Health is Wealth!
We offer comprehensive health and dental coverage for all employees. APTNEXUS covers 50% of the monthly premium.
Recharge, Refresh, Thrive!
In addition to 11 paid national holidays, APTNEXUS provides 120 hours (15 days) of Paid Time Off.
Invest for the Future!
APTNEXUS offers 401k retirement savings plans.
Become that Someone!
APTNEXUS provides career development planning and offers $1500 per year for training.
Exceptional work is rewarded annually at APTNEXUS.
Flexible Work Options
21st Century Work is not Confined to an Office!
APTNEXUS follows contractual obligations for onsite work but offers maximum flexibility and remote work opportunities.
Sr. Cybersecurity Compliance Analyst
Summary: This position is to support the implementation of the Risk Management Framework (NIST, DoD, and IC RMF) and Cybersecurity Framework for Commercial, Department of Defense, Federal Civilian, and Intelligence Community customers. The desired candidate should have extensive experience with developing security plans and assessing security and privacy controls in information systems in compliance with NIST SP 800-53 and 800-53A.
- Developing documentation (Security categorization, authorization boundary definition documents, security plans, contingency plans, security assessment reports, risk assessments, POA&Ms, etc.) to comply with NIST RMF requirements.
- Conducting comprehensive assessments of information systems in compliance with NIST SP 800-53A.
- Reviewing vulnerability management information related to GSS/Enclaves and Major Applications including but not limited to: DISA STIGs, SRGs, CIS Benchmarks, Qualys/Nessus scans, reviewing and interpreting CYBERCOM and CISA BOD notices, POA&Ms and other continuous monitoring data.
- Preparing regular audit reports that identify vulnerability and configuration findings, provide recommendations for remediation, and time frames by which remediation activities should be completed.
- Minimum of 5 years of directly related experience.
- Must have a solid understanding of NIST RMF, NIST CSF, and similar IT Compliance and Privacy regulations.
- Solid understanding of cloud security architecture within multiple cloud services (AWS, GCP, Azure)
- Experience with hardening servers, workstations, routers, switches, and mobile devices in accordance with CIS or STIG guidance.
- Certification in at least one of the following, but not limited to:
- CISSP (Certified Information Systems Security Professional)
- ISSEP (Information Systems Security Engineering Professional)
- GIAC (Global Information Assurance Certification)
- CISA (Certified Information Systems Auditor)
- CISM (Certified Information Security Manager)
Job Application Form
“*” indicates required fields