Security Compliance Analyst

Job Title: Security Compliance Analyst

Location: Hanscom Air Force Base, Massachusetts

Clearance: Secret

Program: BLITS 3.0

Company/ Program Description:

Centuria, a Service-Disabled Veteran-Owned Small Business (SDVOSB), has been delivering IT, Engineering, and Scientific solutions to the Federal Government since 2002. During our two decades of service, we have earned the trust and respect of our government clients for the simple reason that we have great people who are experts in their fields and take pride and ownership in everything they do.

BLITS 3.0 PROGRAM DESCRIPTION: This role will be to directly support the mission of the 66th Air Base Group (66 ABG) to secure information and information systems; to support mission success through effective and efficient service delivery; and to sustain required infrastructure and capabilities. As one part of the greater Air Force Information Network (AFIN) enterprise, the 66 ABG Communications and Information Division (66 ABG/SC) has responsibilities in two categories (1) direct actions in support of Hanscom Air Force Base (HAFB) and geographically separated units (GSUs); and (2) indirect actions to support the AFIN enterprise. Successful solutions for this requirement are expected to have strengths in four areas: integration, flexibility, AFIN knowledge, and technical expertise.

Job Responsibilities:

• Conduct vulnerability scans on Windows-based servers and infrastructure using DoD-approved tools.
• Track, analyze, and report vulnerability scores in alignment with DoD cybersecurity frameworks.
• Remediate vulnerabilities across:

o Windows Server environments

o Microsoft SQL Server

o .NET frameworks

o Internet Information Services (IIS)

• Assist in securing and patching applications and systems to meet applicable STIG (Security Technical Implementation Guide) compliance.
• Perform Section 508 compliance scanning and assist in mitigation of accessibility issues across web-based platforms and documentation.
• Maintain and automate security documentation workflows using SharePoint and Power Platform tools.
• Collaborate with cybersecurity, infrastructure, and development teams to ensure compliance and timely mitigation.

Job Requirements:

• Bachelor's degree in Computer Science, Information Security, or related field,

or equivalent plus 3-6 years' of experience in related field in lieu of bachelor's degree.

• CompTIA Security+ is required.
• Active Secret clearance required or ability to obtain one
• Solid understanding of DoD cybersecurity policies, including STIGs and DISA compliance tools.
• Experience with vulnerability scanning platforms such as ACAS.
• Introductory-level familiarity with SQL scripting for basic data queries and reporting.
• Hands-on experience with:

o SharePoint for managing security documentation and collaboration

o Power Automate for workflow automation (e.g., POA&M tracking, scan result routing)

o Power Apps for building custom compliance tools or dashboards

o Power BI for visualizing vulnerability trends and compliance metrics

• Familiarity with Section 508 accessibility standards and tools used for compliance scanning and remediation.
• Ability to interpret scan results, prioritize findings, and implement corrective actions.
• Experience with POA&M development and workflows.
• Strong analytical and problem-solving abilities.
• Excellent communication and documentation skills.
• Ability to work independently and in cross-functional teams.
• Detail-oriented with a proactive approach to security.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.