Information Assurance Specialist

TRISTAR INC•Crane, IN

1h•Hybrid

About The Position

We are seeking a highly motivated Cybersecurity / Information Assurance (IA) Specialist to support systems in achieving and maintaining cybersecurity compliance and Authorization to Operate (ATO). The ideal candidate will have experience working within the Risk Management Framework (RMF) and supporting enterprise-level cybersecurity compliance efforts. This is a Hybrid position. Occasional travel to Crane, IN as needed. #LI-remote

Requirements

Experience supporting cybersecurity efforts within DoD or federal environments.
Strong knowledge of: Risk Management Framework (RMF), eMASS, and ATO processes and lifecycle management.
Experience with vulnerability management and remediation tracking.
Familiarity with ACAS, STIGs, and SCAP compliance tools.
Ability to create and maintain detailed cybersecurity documentation.
Strong communication and coordination skills across technical and non-technical stakeholders.
Prior experience supporting system accreditation and continuous monitoring activities.
Must be a U.S. Citizen.
Must be able to obtain and maintain a Secret Security Clearance.
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience).
Must have or be able to obtain a CompTIA Security Plus certification prior to start date.

Responsibilities

Provide Information Assurance (IA) and cybersecurity support to ensure compliance with DoW cybersecurity policies and standards.
Support the development, submission, and maintenance of ATO packages within the Enterprise Mission Assurance Support Service (eMASS).
Create, update, and manage IA artifacts required for: Initial system authorization, Continuous monitoring, and System reauthorization / re-accreditation.
Implement cybersecurity processes aligned with the Risk Management Framework (RMF), including: Security control identification and assessment, Control implementation documentation, and Authorization package support.
Develop and maintain Plan of Actions and Milestones (POA&M) to track vulnerabilities and mitigation strategies.
Coordinate with system stakeholders to track remediation efforts and ensure timely closure of findings.
Identify, track, and remediate vulnerabilities in accordance with: Information Assurance Vulnerability Alerts (IAVAs) and Operational Directives (OPDIRs).
Perform vulnerability scanning and compliance validation using Assured Compliance Assessment Solution (ACAS).
Assess and document system compliance with Security Technical Implementation Guides (STIGs).
Utilize STIG checklists and Security Content Automation Protocol (SCAP) tools for validation.
Develop and maintain system security documentation, including: System management procedures, Standard operating procedures (SOPs), and Cybersecurity process documentation.
Support Annual Security Reviews (ASRs) and assist in Verification and Validation (V&V) activities.
Collaborate with Government and contractor personnel to ensure systems maintain continuous ATO compliance.