Information System Security Specialist IIOverviewIf you are passionate about cybersecurity, Risk Management Framework (RMF) compliance, and protecting mission-critical systems, this is an exciting opportunity to support secure enterprise environments within a high-visibility government program. We are seeking an experienced Information System Security Specialist II to support cybersecurity authorization activities, vulnerability management, and security compliance initiatives across complex information systems.
The ideal candidate will have hands-on experience with RMF processes, STIG assessments, vulnerability remediation support, and security authorization documentation in DoD environments.
Key Responsibilities- Support Risk Management Framework (RMF) activities for government information systems throughout the system lifecycle.
- Conduct Security Technical Implementation Guide (STIG) assessments using SCAP benchmarks and related compliance tools.
- Perform vulnerability assessments utilizing the Assured Compliance Assessment Solution (ACAS) tool.
- Support the development, tracking, and maintenance of Plans of Action and Milestones (POA&M).
- Utilize Enterprise Mission Assurance Support Service (eMASS) to manage cybersecurity authorization packages and security documentation.
- Assist with RMF Step 5 authorization activities while supporting Information System Security Engineer (ISSE) functions.
- Analyze cybersecurity findings and provide risk reduction recommendations to technical and non-technical stakeholders.
- Collaborate with system administrators, engineers, ISSOs, and government personnel to ensure cybersecurity compliance and remediation efforts are completed.
- Support continuous monitoring initiatives and maintain compliance with DoD cybersecurity policies and standards.
- Prepare and maintain cybersecurity documentation, assessment reports, and compliance artifacts.
Required QualificationsEducation & Certification- Minimum certification compliant with DoDD 8140.01 Intermediate Level requirements for specialty area 461 (or equivalent certification as defined by the applicable Technical Instruction).
- All personnel performing Privileged User functions must maintain:
- A final adjudicated Tier 5 security investigation
- IT Level I designation in JPAS and/or DISS
Experience- Minimum of two (2) years of experience performing Risk Management Framework (RMF) activities.
- Demonstrated experience conducting STIG assessments utilizing SCAP benchmarks.
- Experience performing vulnerability assessments using ACAS.
- Hands-on experience using eMASS.
- Experience developing and managing POA&M entries.
- Experience supporting RMF Step 5 authorization activities in an ISSE capacity.
- Demonstrated ability to communicate cybersecurity risks and remediation
Clearance Requirements- Active Secret clearance required.
- At least three personnel within this labor category must be eligible for Top Secret/SCI access.
Preferred Qualifications- Experience supporting DoD or Navy cybersecurity environments.
- Familiarity with NIST RMF, DoD cybersecurity policies, and continuous monitoring requirements.
- Strong analytical, documentation, and communication skills.
- Ability to work effectively in a collaborative, fast-paced environment.
Work LocationIf you thrive on solving complex problems and building meaningful connections, we'd love to hear from you. Join our team and make an impact today!
Physical and Mental Qualifications:- Maintain focus and awareness throughout scheduled working hours.
- Perform tasks requiring prolonged periods of sitting or standing at a desk, utilizing a computer, mouse, and keyboard.
- Lift and move objects weighing up to 15 pounds as needed.
- Exhibit excellent verbal and written communication skills, with a strong command of the English language.
- Demonstrate the ability to work independently while also collaborating effectively as part of a team.
- Quickly learn and retain routine tasks and processes.
- Possess strong organizational skills, attention to detail, business correspondence proficiency, and self-management capabilities.
- Perform the essential functions of the role satisfactorily; reasonable accommodation will be provided for employees with disabilities upon request.
- Accept and adapt to additional responsibilities or changes to assigned duties as determined by DirectViz Solutions (DVS).
