Sr. Information System Security Specialist

Key Responsibilities:

• Implement and maintain cybersecurity policies and procedures to protect information systems from unauthorized access and threats.
• Support Risk Management Framework (RMF) processes and ensure compliance with DoD 8570.1M, DoD 8140, DIACAP, and Cyber Security Service Provider (CSSP) accreditation requirements.
• Utilize security tools such as DISA eMASS, ACAS, HBSS, and other Information Assurance (IA) technologies to conduct security assessments.
• Evaluate security solutions and ensure they meet compliance requirements for handling classified information.
• Assist in developing system security policies and ensuring adherence to change management and configuration control processes.
• Conduct vulnerability analysis, penetration testing, network security monitoring, and incident response as required.
• Supervise and maintain the operational security posture of information systems and ensure compliance with Authority to Operate (ATO) requirements.
• Monitor and respond to security incidents, analyze forensic data, and provide remediation recommendations.
• Collaborate with cybersecurity teams, IT professionals, and system engineers to ensure seamless integration of security solutions.
• Develop and maintain security documentation, reports, and compliance artifacts.
• Stay current with emerging cybersecurity threats, vulnerabilities, and mitigation techniques.

Required Qualifications:

• Active Secret Security Clearance
• Education: Bachelor’s degree in a technical or managerial discipline (Cybersecurity, Computer Science, Information Technology, or related field) OR
• High School Diploma or GED with seven (7) years of relevant cybersecurity experience.
• Certifications (DoD 8570.1M and 8140 Compliance)
  • IAT Level III certification (e.g., CISSP, CASP+, CISM).
  • Additional cybersecurity certifications relevant to CND Auditor, CND Analyst, CNDSP Manager, CND Incident Responder, CND Infrastructure Support, IASAE I, or IASAE II are highly preferred.

Experience:

• Five (5) years of relevant experience with a Bachelor’s degree or seven (7) years of experience with a High School Diploma/GED in Cybersecurity, Engineering, Test & Evaluation (T&E), or Assessment & Authorization (A&A) / Certification & Accreditation (C&A).
• Hands-on experience with security tools like DISA eMASS, ACAS, HBSS, or similar IA solutions.
• Practical experience supporting network and system security support, Cyber Security Service Providers (CSSPs), or Cyber Red Teams within the DoD or Federal Government.
• Proficiency in at least three (3) of the following six (6) areas:
  • Vulnerability Analysis
  • Network Security Monitoring
  • Incident Response & Forensics
  • Penetration Testing / Red Teaming
  • Threat Intelligence & Risk Assessment
  • Security Architecture & Engineering
• Familiarity with security policies, risk assessments, and compliance documentation to support cybersecurity accreditation and audit readiness.
• Strong knowledge of DoD IT infrastructure, cybersecurity frameworks (RMF, NIST 800-53), and security operations.

Preferred Qualifications:

• Experience working in classified environments and handling sensitive data.
• Experience with Cloud Security (AWS, Azure, DoD cloud environments).
• Strong analytical and problem-solving skills with the ability to assess complex security issues and provide solutions.
• Excellent communication skills to effectively interact with executives, technical teams, and security stakeholders.