Cyber Security Specialist/ISSO - Hybrid, Arlington, VA

Arlington, Virginia

Hybrid

Full Time

$140k - $180k

Cyber Security Specialist/ISSO

This company is seeking a Cyber Security Specialist/Information Systems Security Officer to provide comprehensive security support for a Department of Defense (DoD) customer. This role will be responsible for day-to-day security operations, ensuring the protection and compliance of assigned information systems. The position requires expertise in secure Government enterprise-level systems, standalone networks, security policies, technical safeguards, and operational security practices.

The company is located in Arlington, VA, and the position follows a hybrid model.

What You Will Be Doing:
  • Ensure users comply with established information security policies and procedures to protect, operate, maintain, and dispose of systems and data in accordance with DoD regulations.
  • Interpret, review, and maintain Information Systems Security Plans (SSPs), Security Control Traceability Matrices (SCTMs), assessments, and authorizations in line with DoD policies.
  • Participate in and support security assessments of classified and Controlled Unclassified Information networks.
  • Troubleshoot user accounts and network issues, perform backups, assist with Assured File Transfers, and ensure the security configuration integrity of systems.
  • Identify vulnerabilities in information systems and recommend or implement countermeasures to secure network resources.
  • Develop comprehensive Risk Management Framework (RMF) packages, including SSPs, Enterprise Sub-System packages, Information Continuous Security Monitoring Plans, and related documentation, in coordination with program managers and security teams.
  • Load and configure secure Sectera vIPer phones and manage encryption keys.
  • Analyze system audit logs to detect anomalous activities and potential threats.
  • Conduct cyber awareness and information security training for company employees.
  • Perform security audits to ensure proper system usage and compliance.
  • Maintain up-to-date information systems documentation, including training records, user agreements, and system baselines.
  • Collaborate with stakeholders, including the ISSM, CPSO/FSO, and IT teams, to define and maintain an acceptable security posture.
  • Support the ISSM in addressing security compliance incidents and reporting security violations.
  • Develop and maintain a Plan of Action and Milestones (POA&M) for addressing security vulnerabilities and provide recommendations for corrective actions.
Required Skills & Experience:
  • Bachelor’s degree in computer engineering, computer science, information systems, or a related field (or 4 years of hands-on experience in lieu of a degree).
  • 5-8 years of relevant security experience with large-scale IT and database systems featuring multi-tier architectures and complex software integration.
  • 3-5 years of experience configuring Red Hat, other Linux distributions, and Windows operating systems in accordance with Security Technical Implementation Guides (STIGs).
  • Strong knowledge of technical standards related to information system security; experience with Windows Server, thin-client architecture, virtualization, and related technologies preferred.
  • Familiarity with certification/authorization frameworks, including NISPOM, RMF, ICD 503, NIST SP 800-53, NIST SP 800-171, DoD STIG Overlays, and other USG security policies.
  • Ability to obtain and maintain DoD 8140.01 (formerly 8570.01-M) certification at IAT Level 1 or 2 (CAP, CND, CompTIA Security+, or CompTIA CySA+).
  • Strong creativity, initiative, and independence in managing security tasks.
  • Preference for candidates with experience in Research & Development environments.
  • Active Top Secret clearance required.

Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.
This position doesn’t provide sponsorship.

Posted by: Ashton Corbett
