Information System Security Specialist

About The Position

Requirements

• Experience supporting DoD cybersecurity programs and IA compliance requirements.
• Hands-on experience with vulnerability scanning tools such as NESSUS and ACAS.
• Familiarity with SCAP compliance tools and reporting.
• Strong understanding of STIGs, RMF, and ATO processes.
• Experience with system patching, configuration management, and baseline control.
• Ability to analyze security risks and implement effective mitigation strategies.
• Strong documentation and communication skills.
• Experience working with DoD systems and environments.
• Knowledge of network security, intrusion detection, and incident response practices.
• Must be a U.S. Citizen.
• Must be able to obtain and maintain a security clearance.
• Must have CompTIA Security Plus prior to start date.

Responsibilities

• Provide software support for CAC2S patching and vulnerability scanning activities.
• Perform monthly maintenance of software baselines to ensure IA compliance.
• Conduct regressive compliance scanning in support of the monthly patch cycle, including ACAS scans and SCAP reporting.
• Maintain detailed records of applied patches and update documentation with current software versions.
• Monitor system changes and ensure configuration control of the software baseline.
• Identify potential system vulnerabilities and proactively implement mitigation strategies.
• Detect, respond to, and remediate cyber threats, vulnerabilities, and system flaws.
• Monitor and analyze networks and systems to assess risk and recommend security improvements.
• Conduct quarterly compliance reviews to support ATO accreditation and certification requirements.
• Perform periodic system security scans using NESSUS/ACAS and validate STIG compliance.
• Coordinate all hardware, software, and firmware changes with ISSM/ISSO personnel.
• Ensure timely and accurate installation of security patches across systems.