Sr System Security Info Assurance SME (Top Secret Required)

Description

• Respond to Network Operations Center (NOC) notifications and take appropriate security actions.
• Implement, maintain, and enhance security postures across complex DoD network and system architectures.
• Manage the full Risk Management Framework (RMF) lifecycle, including categorization, control selection, implementation, assessment, authorization, and continuous monitoring.
• Manage, apply, and validate Security Technical Implementation Guides (STIGs) across servers, workstations, network devices, and applications.
• Apply and track Information Assurance Vulnerability Alerts (IAVAs) within required deadlines.
• Conduct ongoing configuration management, vulnerability assessments, and compliance validation.
• Maintain and update System Security Authorization Agreements (SSAAs) and other accreditation packages.
• Support FISMA reporting requirements, DoD IG inspections, ACA audits, and broader accreditation/certification programs.
• Ensure all RMF artifacts, evidence, and documentation remain current and compliant with DoD requirements.
• Complete, manage, and review STIG checklists, ensuring proper documentation of findings, mitigations, and compliance status.
• Monitor, analyze, and report on system vulnerabilities and risks using tools such as ACAS, HBSS, and other DoD-mandated solutions.
• Develop, maintain, and track Plan of Action and Milestones (POA&Ms) to ensure timely remediation of vulnerabilities, audit findings, and control deficiencies.
• Ensure compliance with DoD 8570.01-M/DoD 8140 cybersecurity workforce requirements.
• Conduct security control assessments and prepare comprehensive RMF security assessment reports.
• Apply Defense-in-Depth principles to protect systems, data, applications, and network infrastructure.
• Perform and document incident response activities, security audits, and CNDSP-related functions.
• Prepare detailed security reports, briefs, and recommendations for stakeholders and leadership.
• Serve as the lead technical authority for all IA and cybersecurity functions within the computing environment.
• Provide expert guidance on physical and personnel security measures relevant to the IA mission.

Requirements

• 5 years of hands-on experience with ACAS reporting, monitoring, and applying IAVA remediations.
• 5 years of experience in physical and personnel security disciplines.
• Bachelor of Science in Computer Engineering, Computer Information Systems, Telecommunications, Management Information Systems, or a closely related discipline. OR
• 5 years of experience performing configuration management, vulnerability assessments, and vulnerability management support.
• Documented experience supporting FISMA, DoD IG inspections, ACA, and other accreditation and compliance programs.
• 5 years of experience in Incident Response, cybersecurity auditing, and CNDSP-related work.
• 12 years of directly relevant documented experience.
• 5 years of experience responding to Network Operations notifications and executing corrective actions.
• DoD 8570 IAM Level III (mandatory).
• 5 years of experience maintaining a System Security Authorization Agreement (SSAA) or similar accreditation package.
• 5 years of experience with DoD IAVM programs.
• 5 years of experience managing system vulnerabilities and generating detailed security reports.
• 5 years of experience developing and implementing security policies, applying system/network updates, and securing access to sensitive data.
• 5 years of experience in a DoD technology environment.
• Demonstrated ability to implement DoD 8570.01-M / DoD 8140 workforce requirements.
• Top Secret Clearance required.
• 5 years of experience administering, configuring, and securing ACAS and HBSS architectures.
• 5 years of experience designing, maintaining, and documenting system processes and procedures.
• 5 years of experience supporting DIARMF/RMF accreditation and maintaining associated documentation.

Benefits

Training + Development

Interview process

Visa Sponsorship

Security clearance