Information Systems Security Officer

About The Position

Requirements

• Current or ability to obtain a Department of Defense (DoD) Secret Clearance is required. Note: To obtain a security clearance, you must be a U.S. citizen and meet the 13 adjudicative guidelines.
• 3 or more years of experience supporting DIACAP and/or RMF activities, with RMF experience preferred.
• Experience supporting RMF testing, analysis, and documentation needed to complete RMF package submissions.
• Experience performing vulnerability risk analysis based on deficiencies identified during RMF testing or security assessments.
• Experience using IA tools and scanners to evaluate the security posture of a system or enclave.
• Experience with Enterprise Mission Assurance Support Service, or eMASS.
• Familiarity with federal IT security standards and guidance, including FISMA, FIPS, NIST Special Publications, and NIST SP 800-37.
• Understanding of the RMF process in accordance with the Navy RMF Process Guide.
• Current certification in at least one of the following, as required by contract: CAP, CND, CompTIA Cloud+, GSLC, or CompTIA Security+.
• Strong technical writing skills, including the ability to prepare, review, and maintain security documentation.
• Strong verbal and written communication skills.
• Strong problem-solving skills and attention to detail.
• Ability to work independently and collaboratively with technical and program teams.

Nice To Haves

• Degree in Computer Science, Cybersecurity, Information Technology, or a related field.
• Experience supporting Navy cybersecurity, A&A, or RMF activities.
• Experience with security technologies such as firewalls, intrusion detection systems, intrusion prevention systems, and vulnerability assessment tools.
• Experience supporting POA&M development, tracking, remediation, and closure.

Responsibilities

• Support security control implementation, testing, and assessment activities in alignment with the Risk Management Framework.
• Assist with reviewing, documenting, mitigating, and closing system vulnerabilities through the appropriate change control and remediation processes.
• Support Authorization and Accreditation activities, including security requirements review, documentation support, and package preparation.
• Review, update, and maintain RMF cybersecurity documentation, including documentation related to POA&Ms, security controls, assessment results, and remediation activities.
• Perform vulnerability risk analysis based on deficiencies identified during testing, scanning, or assessment activities.
• Use IA tools, scanners, and security technologies to help evaluate the security posture of systems or enclaves.
• Coordinate with PMO, Operations, and IT Security teams to support A&A activities and POA&M remediation.
• Prepare or contribute to security assessment reports that document assessment results, findings, risks, and recommended corrective actions.
• Support planning and coordination for incident response, business continuity, disaster recovery, vulnerability reporting, and threat reporting processes.
• Write, edit, and maintain IT security documentation in alignment with applicable federal and DoD cybersecurity requirements.
• Carry out other related duties as assigned, demonstrating flexibility and adaptability in meeting evolving client, platform, and company needs.

Benefits

• Competitive salary and discretionary bonuses.
• Comprehensive health benefits, including medical, dental, and vision insurance.
• Flexible Paid Time Off (PTO) and holidays to help you maintain a healthy work-life balance.
• Opportunities for professional development and continued learning.
• Hybrid/remote work arrangement with flexible hours.
• 401(k) retirement plan with company match.
• Employee recognition programs and company events.