CYBER SECURITY SPECIALIST 4

VSolvit•Ventura, CA

5d•Remote

About The Position

The Cybersecurity Specialist 4 provides security and compliance oversight for the Risk Management Framework (RMF) Steps 1–6. This role ensures the integrity of current legacy and future security stacks through continuous monitoring, vulnerability management, and enforcement of DISA STIG compliance. You will act as a key technical resource for ensuring that Department of Navy CSM packages meet Authorization to Operate (ATO) deadlines while transitioning toward Zero Trust Architecture (ZTA). As with any position, additional expectations exist. Some of these include, but are not limited to, adhering to normal working hours, meeting deadlines, following company policies as outlined by the Employee Handbook, communicating regularly with assigned supervisor(s), staying focused on the assigned tasks, and completing other tasks as assigned.

Requirements

Must be a U.S. Citizen
Bachelor’s degree in Computer Science or a related field.
2–4 years of cloud engineering experience with specific expertise in RMF activities and ATO deadlines.
Expertise in Azure administration and cloud architecture.
Proficiency with Security Content Automation Protocol (SCAP) scanning tools and Navy eVALUATE.
Experience managing contractual deliverables and project schedules.
Experience with CI/CD and DevSecOps toolchains.
Current Security+ certification.
Active DoD Top Secret clearance or the ability to obtain one.

Nice To Haves

Active DoD Top Secret clearance.
Active Security+ certification.
Professional cloud certification, such as Microsoft Certified: Azure Associate.
Proven experience implementing DISA STIG configurations and supporting compliance for DoD SRG and NIST SP 800-53 security controls.

Responsibilities

Provide ongoing security support for the legacy SCCA stack and future ZTA Mission Landing Zone (MLZ) stacks in Azure Government across all RMF steps (1–6).
Perform RMF activities to support CSM Packages, ensuring all requirements are met to achieve and maintain ATO status.
Schedule package checkpoints, deliver status reports, and perform quality assurance reviews.
Maintain and report the system’s Authorization and Assessment (A&A) status and related security events.
Assist in identifying the security control baseline set and any applicable overlays.
Manage Plan of Action and Milestone (POA&M) entries to ensure vulnerabilities are properly tracked, mitigated, and resolved.
Support the implementation and maintenance of the SCCA, including routine patching and ensuring Secure Technical Implementation Guide (STIG) compliance.
Continuously monitor applications by assessing security control quality against requirements defined in the System Level Continuous Monitoring (SLCM) strategy.
Utilize Assured Compliance Assessment Solution (ACAS) results to update system POA&Ms.
Maintain Hardware and Software assessment sheets annually or upon environment changes.
Ensure strict adherence to the DoD SCCA Functional Requirements (v2.9) and the latest DoD Cloud Computing Security Requirements Guide (CC SRG).
Provide compliance support for RMF packages.
Manage, configure, and sustain future CN/ZTA MLZ security tools in Azure Government and Commercial.