Staff InfoSec Analyst

About Rise8

We’re transforming the United States Government and we know that takes a dream team. 

We believe customer experience starts with employee experience, so we take care of our employees. We offer competitive pay and benefits, invest in employee growth, and offer a culture you can’t find anywhere else.

At Rise8, we continuously achieve unreached heights through next-level tech, and on-the-level collaboration. Together, we create continuous impact. We turn breakdowns into breakthroughs, make small steps into giant leaps, and deliver game-changing products through culture-changing process.

We pair Risers with their customer counterparts and practice pairing at every moment to elevate people and teams and deliver results fast and forever. We work in small teams and rotate between them frequently so that we are able to meet new challenges and explore new ideas.

Our methodology is about experimenting and learning, and our culture is empowering. We subscribe to an ethos of kindness. We make a point to bring empathy to each and every project and are guided by a promise and a purpose: to deploy critical outcomes to prod in order to drive relentless progress. Not just an idea. But an outcome. A better world. A world where every day, fewer bad things happen because of bad software.

Rise8 is certified as a Great Place to Work with 100% of employees saying they love working here.

About You

Are you a Staff InfoSec Analyst with extensive expertise across multiple domains, including cloud security, containerization, and compliance? Do you thrive in dynamic environments where collaboration, innovation, and secure delivery are top priorities? At Rise8, we’re looking for someone like you to lead the charge in securing complex systems, while ensuring client satisfaction across projects. 

As a Staff InfoSec Analyst at Rise8, you will: 

• Lead and collaborate with cross-functional teams to enhance security processes and implement best practices.
• Conduct comprehensive cybersecurity assessments across the entire technology stack to identify vulnerabilities and ensure robust security measures.
• Shape and prioritize the organization’s cybersecurity strategy, identifying key risks and remediation actions to protect critical assets.
• Collaborate with external cybersecurity and compliance organizations to drive changes that align with cRMF practices, accelerating the time to value and enhancing overall security outcomes.
• Lead incident response efforts, conducting root cause analyses and driving improvements to security resilience.
• Educate on cybersecurity best practices and provide regular reports on risks, metrics, and issues to leadership, ensuring informed decision-making and proactive risk management.
• Train and mentor security engineers, fostering growth and up-skilling of the cybersecurity practice team members. 

Qualifications 

• 10+ years of a combination of development, security and operations experience
• BA/BS in Cybersecurity, Computer Science or related field, or equivalent experience
• Strong understanding of the controls inheritance model and controls automation, shared responsibility model, and an understanding of modern RMF methodologies such as Continuous RMF
• Applying cybersecurity concepts, including threats, vulnerabilities, security operations, encryption, boundary defense, auditing, authentication, and risk management
• Expertise in application, platform, and cloud security including implementing CIS benchmarks and security guidelines.
• Applying network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS), anti-malware, vulnerability scanning, encryption, monitoring, and Identity, Credential, and Access Management (ICAM)
• Experience working with government clients, especially in a 'Software Factory' environment, and familiarity with DoD security frameworks and Impact Level (IL) requirements.
• Strong communication skills and interest in a client pairing environment
• Relevant cybersecurity certifications such as CISSP, CISM, CEH, or equivalent. Additional cloud or vendor certifications (AWS, GCP, etc.) are a plus.

Preferred Qualifications: 

• Possession of recognized Professional Certifications such as AWS Solutions Architect, CISSP, CISM, GSLC
• Familiarity with Continuous RMF practices and cloud security best practices.
• Proven ability to consult with clients and tailor solutions to meet their specific cybersecurity needs.

Salary 

• The annual salary range for this role as it is posted is $138,826 - $173,533 regardless of final candidate location within the United States. The final job level and annual salary will be determined based on the education, qualification, knowledge, skills, ability, and experience of the final candidate(s), and calibrated against relevant market data and internal team equity. 

Benefits

• Flexible schedule in a 100% distributed workforce 
• Premium Insurance: We cover up to 100% of the employee premium and up to 80% of the combined dependent premium on our base health plan, depending on pay band. We also cover 100% of the premium for employee and dependent Dental and Vision as well as employee premiums for Life and Disability coverage.
• Retirement: 401k match at 10% gross pay.
• Paid time off (PTO): 4 weeks combined accrued vacation and sick leave, 11 Federal holidays, your birthday, jury duty, and bereavement.
• Education & Training: Accrued budget of up to $3,500 per year for classes, travel, events, and materials.
• Home Office and Merch: We offer $750 per year for home office technology and equipment as well as $100 per year for Rise8 merch from our Swag Store.
• Wellness Budget: To encourage and support a well-rounded healthy lifestyle, we cover 100% reimbursement on a variety of wellness activities and products, up to $500 per calendar year. 
• Rise8 is part of the Life Time Corporate Partner program. In lieu of your $500 annual wellness benefit, you can instead get a $75 monthly credit towards a Life Time membership ($900 annual benefit).
• Equipment: We offer a MacBook Pro

All of Rise8’s work in this area is with Federal Government customers that require our employees involved with their projects be U.S. citizens. As such, this role requires U.S. citizenship. If hired, you would also be required to go through a background investigation.

Rise8 is an Equal Employment Opportunity employer that will consider you for this role regardless of race, color, religion, gender, sexual orientation, marital status, gender identity or expression, national origin, genetics, age, disability status, protected veteran status, or any other characteristic protected by applicable law.