IT Cybersecurity Specialist 3

About The Position

Requirements

• Active TS/SCI with CI Poly and ability to maintain eligibility. U.S. Citizenship required
• Bachelor’s degree in Cybersecurity, Computer Science, or related field; equivalent experience considered
• Four years of directly related exempt work experience may be used to satisfy the bachelor’s degree requirement
• 4+ years of IA/cybersecurity experience with 3+ years directly supporting RMF/ATO for DoD/IC systems
• Current DoD 8570/8140 Tier II certification or higher
• Hands-on experience with NIST SP 800-53, DoDI 8510.01, CNSSI 1253, JSIG/ICD 503, and STIG/SRG application
• Proficiency in vulnerability and compliance tools: Tenable Nessus, SCAP, DISA STIG Viewer, log/monitoring, and familiarity with patch management
• Experience developing and maintaining SSP, SAR/SAP, POA&M, and RMF evidence; strong technical writing skills
• Knowledge of network security, Windows/Linux hardening, virtualization, endpoint protection, identity & access management, encryption/key management, and secure configuration baselines

Nice To Haves

• Additional cybersecurity certifications (CAP, CEH, GSEC, GSLC)
• Experience supporting Defense and Intelligence Community programs
• Familiarity with secure cloud and hybrid environments (e.g., DoD Cloud SRG, IL2–IL6, GovCloud, IC ITE)
• Prior involvement in customer-led cybersecurity inspections or assessments

Responsibilities

• Execute and document all RMF activities across the full lifecycle in accordance with DoDI 8510.01, NIST SP 80053, CNSSI 1253, JSIG/ICD 503, and customer‑ specific‑ guidance.
• Develop and maintain RMF artifacts including the SSP, SAP/SAR, POA&Ms, Contingency Plans, IR Plans, and related IA documentation.
• Support ATO package preparation and submission using government customer RMF/IA tools for evidence upload, workflow tracking, and assessor interactions.
• Implement, assess, and validate security controls; support control tailoring and inheritance strategies.
• Perform continuous monitoring using government approved‑ compliance scanning tools: Vulnerability scanning tools STIG/SRG-based configuration validation Automated compliance assessments
• Maintain system baselines, secure configurations, asset inventories, and IA-related change documentation.
• Support audit readiness and assist with customer inspections, CCRI-type events, and periodic cybersecurity evaluations.
• Track, manage, and drive closure of POA&Ms and risk items.
• Provide day-to-day IA support for classified systems, including boundary analysis, system configuration reviews, and data handling oversight.
• Support event detection and response activities using government customer log aggregation tools, ensuring accurate log capture, retention, and reporting.
• Participate in incident response coordination with Contractor Program Security Officer (CPSO) in accordance with customer and organizational procedures.
• Guide engineering and operations teams on secure design principles, system changes, and cybersecurity impacts.
• Maintain risk tracking, document deviations and mitigations, and communicate system risk posture to IA leadership and stakeholders.
• Support policy compliance, user training, secure handling, insider threat awareness, and governance activities.
• Coordinate with AOs, SCAs, customer cybersecurity offices, and program security personnel.

Benefits

• 401(k) match plus an additional employer contribution
• Discretionary annual incentive bonus for eligible employees
• Generous paid time off
• Flexible work environments