Dine-Source, LLC is an SBA 8(a) SDB certified company dedicated to solving IT business problems for three major markets: Federal, Commercial and Tribal. DDC-ITS is 100% owned by the Navajo Nation and has been in business since 2011. Our focus is on the ever-changing world of Cyber Security with respect to staffing for building and securing networks and enterprise applications. Another focus is to provide businesses with the hardware and software to meet their needs. We both sell and implement complete business solutions.

Job Duties and Responsibilities:

Apply expert-level knowledge of the Risk Management Framework (RMF), including NIST SP 800-53 Revisions 4 and 5, to support security authorization processes and prepare comprehensive ATO submission packages.
Coordinate with DISA, System Integrators, the Program Office, and Database Administrators to identify, analyze, and remediate system vulnerabilities.
Perform continuous monitoring of security controls in alignment with the RMF strategy, ensuring ongoing compliance and risk awareness.
Collaborate with Security Control Assessor (SCA) and Security Control Assessment Representative (SCAR) teams to plan and execute security testing for system releases and authorization activities.
Support vulnerability management efforts, including implementation and tracking of STIGs, ACAS scans, Fortify static code analysis, and SIEM-based alerting and monitoring.
Review and analyze system logs and alerts generated by the SIEM to detect potential threats and assess system health.
Assess newly identified vulnerabilities, initiate appropriate tickets, and manage resolution through the Configuration Management and cyber release processes.
Work closely with the Compliance Team to support annual FIAR audit activities (e.g., SOC 1, SOC 2), and track audit findings via POA&Ms through resolution.
Participate in annual cybersecurity evaluations and red/blue team assessments, providing analysis and remediation planning for network, application, and database architecture findings.
Contribute to Agile Release Management Integrated Product Teams (IPTs), ensuring cybersecurity requirements are incorporated throughout system development and change processes.
Develop, review, and maintain cybersecurity policies, program documentation, and PMO guidance to support governance and compliance objectives.
Lead remediation efforts for vulnerabilities documented in POA&Ms or planned cyber releases, with emphasis on addressing high-risk findings identified by the SCA within defined timelines.
Provide program leadership with regular updates on the status of open POA&M items, including monthly reporting or as requested.
Support annual FISMA assessments, incident response activities, and contingency plan testing to maintain security posture and operational readiness.
Maintain working knowledge of applicable cybersecurity standards, policies, and regulations, including those from NIST, DoD, and other federal entities.
Job Type
Full-time
Career Level
Mid Level
Number of Employees
11-50 employees