Information System Security Specialist III

DirectViz Solutions•Virginia Beach, VA

5d•Onsite

About The Position

DirectViz Solutions (DVS) is a dynamic and rapidly growing government contractor committed to delivering innovative IT solutions that address the mission-critical needs of our government clients. Through the expertise and dedication of our talented team, we provide cutting-edge technology services designed to achieve success and exceed expectations. At DVS, we prioritize our employees as our greatest asset. We offer competitive compensation, comprehensive medical benefits, a 401(k) match, generous PTO accrual, professional development reimbursement, corporate-funded technology certifications, and robust employee recognition and appreciation programs. Information System Security Specialist III If you are passionate about cybersecurity, risk management, and protecting mission-critical systems, this is an opportunity to join a dynamic team supporting complex Department of Defense environments. We are seeking an experienced Information System Security Specialist III to support Risk Management Framework (RMF) activities, vulnerability management, compliance initiatives, and security authorization efforts across enterprise systems.

Requirements

Minimum of five (5) years of experience performing Risk Management Framework (RMF) activities.
Demonstrated experience performing STIG assessments, including the use of SCAP benchmarks.
Hands-on experience conducting vulnerability assessments using ACAS.
Experience utilizing Enterprise Mission Assurance Support Service (eMASS).
Experience developing and managing POA&M entries.
Experience completing RMF Step 5 authorization activities in an ISSE capacity.
Strong communication skills with the ability to present cybersecurity risks and remediation recommendations to technical and non-technical stakeholders.
Minimum certification as 461 (or equivalent as required by the applicable Technical Instruction) at the Intermediate level in accordance with DoDD 8140.01 or successor policy.
Must maintain a final adjudicated Tier 5 security investigation with an IT Level I designation in JPAS and/or DISS for all Privileged User responsibilities.
Active Secret Clearance required; Top Secret eligibility may be required depending on program needs.
U.S. Citizenship required.

Nice To Haves

Familiarity with NIST RMF, NIST SP 800-53, and DoD cybersecurity compliance standards.
Experience supporting security authorization packages within DoD environments.
Knowledge of vulnerability remediation processes and continuous monitoring practices.
Ability to work independently while supporting cross-functional technical teams.

Responsibilities

Support and execute Risk Management Framework (RMF) activities for DoD information systems.
Perform Security Technical Implementation Guide (STIG) assessments using SCAP benchmarks and other compliance validation tools.
Conduct vulnerability assessments utilizing Assured Compliance Assessment Solution (ACAS).
Manage and maintain RMF documentation and activities within eMASS.
Develop, track, and maintain Plans of Action and Milestones (POA&M) entries.
Support RMF Step 5 authorization activities while functioning in an Information System Security Engineer (ISSE) capacity.
Analyze cybersecurity risks and provide mitigation and risk reduction recommendations to stakeholders and leadership.
Collaborate with engineers, system administrators, and cybersecurity teams to ensure systems remain compliant with DoD cybersecurity requirements and security controls.
Assist with continuous monitoring, security posture assessments, and remediation efforts.