Cyber Security Specialist/ISSO- Hybrid Arlington, VA
Arlington, Virginia
Hybrid
Full Time
$140k - $180k
Cyber Security Specialist/ISSO
This company is seeking a Cyber Security Specialist/Information Systems Security Officer to provide comprehensive security support for a Department of Defense (DoD) customer. This role will be responsible for day-to-day security operations, ensuring the protection and compliance of assigned information systems. The position requires expertise in secure Government enterprise-level systems, standalone networks, security policies, technical safeguards, and operational security practices.
The company is located in Arlington, VA and will be a hybrid model.
What You Will Be Doing:
Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.
This position doesn’t provide sponsorship.
This company is seeking a Cyber Security Specialist/Information Systems Security Officer to provide comprehensive security support for a Department of Defense (DoD) customer. This role will be responsible for day-to-day security operations, ensuring the protection and compliance of assigned information systems. The position requires expertise in secure Government enterprise-level systems, standalone networks, security policies, technical safeguards, and operational security practices.
The company is located in Arlington, VA and will be a hybrid model.
What You Will Be Doing:
- Ensure users comply with established information security policies and procedures to protect, operate, maintain, and dispose of systems and data in accordance with DoD regulations.
- Interpret, review, and maintain Information Systems Security Plans (SSPs), Security Control Traceability Matrices (SCTMs), assessments, and authorizations in line with DoD policies.
- Participate in and support security assessments of classified and Controlled Unclassified Information networks.
- Troubleshoot user accounts, network issues, perform backups, assist with Assured File Transfers, and ensure the security configuration integrity of systems.
- Identify vulnerabilities in information systems and recommend or implement countermeasures to secure network resources.
- Develop comprehensive Risk Management Framework (RMF) packages, including SSPs, Enterprise Sub-System packages, Information Continuous Security Monitoring Plans, and related documentation, in coordination with program managers and security teams.
- Load and configure secure Sectera vIPer phones and manage encryption keys.
- Analyze system audit logs to detect anomalous activities and potential threats.
- Conduct cyber awareness and information security training for company employees.
- Perform security audits to ensure proper system usage and compliance.
- Maintain up-to-date information systems documentation, including training records, user agreements, and system baselines.
- Collaborate with stakeholders, including the ISSM, CPSO/FSO, and IT teams, to define and maintain an acceptable security posture.
- Support the ISSM in addressing security compliance incidents and reporting security violations.
- Develop and maintain a Plan of Action and Milestones (POA&M) for addressing security vulnerabilities and provide recommendations for corrective actions.
- Bachelor’s degree in computer engineering, computer science, information systems, or a related field (or 4 years of hands-on experience in lieu of a degree).
- 5-8 years of relevant security experience with large-scale IT and database systems featuring multi-tier architectures and complex software integration.
- 3-5 years of experience configuring Red Hat, other Linux distributions, and Windows operating systems in accordance with Security Technical Implementation Guides (STIGs).
- Strong knowledge of technical standards related to information system security; preferred experience with Windows Server, thin-client architecture, virtualization, and related technologies.
- Familiarity with certification/authorization frameworks, including NISPOM, RMF, ICD 503, NIST SP 800-53, NIST SP 800-171, DoD STIG Overlays, and other USG security policies.
- Ability to obtain and maintain DoD 8140.01 (formerly 8570.01-M) certification at IAT Level 1 or 2 (CAP, CND, CompTIA Security+, or CompTIA CySA+).
- Strong creativity, initiative, and independence in managing security tasks.
- Preference for candidates with experience in Research & Development environments.
- Active Top-Secret clearance required.
Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.
This position doesn’t provide sponsorship.