CYBERSECURITY SPECIALIST

The position of the Information Systems Security Engineer (ISSE) is to bridge the gap between high level security policies/requirements and technical/operational implementation of those requirements. The ISSE provides Security Compliance and Risk Mitigation Support to the Information Systems Security Manager (ISSM). The ISSE provides subject matter expertise and analysis in conducting the Risk Management Framework (RMF) process and the ongoing maintenance work required to sustain a system ATO in accordance with the appropriate security technology and Government policy methods.

As with any position, additional expectations exist. Some of these include, but are not limited to, adhering to normal working hours, meeting deadlines, following company policies as outlined by the Employee Handbook, communicating regularly with assigned supervisor(s), staying focused on the assigned tasks, and completing other tasks as assigned.

Responsibilities

The core of the work is focused on analyzing assessments and implementing an overall risk-based decision to effectively certify security controls and countermeasures, and the overall security posture of systems and programs, networks, and infrastructures throughout IT engineering lifecycles. Essential Duties and responsibilities may include the following:

• Conduct assessments of existing IT architecture for compliance with security requirements from applicable security frameworks.
• Create documentation to support information system authorization/accreditation packages.
• Provide continuous monitoring support for information systems.
• Develop IT architecture deliverables, specific to information security countermeasure implementations, for operational systems and systems under development.
• Develop IT security policies, standards, and guidance.
• Perform Audits and Assessments.
• Provide Business Continuity recommendations and solutions.
• Provide training and awareness.
• Perform Enterprise Mission Assurance Support Services administration
• Remediate any Burp Scan or Fortify Code vulnerabilities.
• Support TRACES cybersecurity meetings.
• Provide support for TRACES systems cybersecurity assessment and analysis, generating documentation to support and develop POA&Ms, and other artifacts as required by the ISSM or authorized representative. Use of vulnerability management tools such as ACAS, STIGs, VRAM and eMASS or similar systems repositories for IA purposes. The contractor must also have experience in assessing and mitigating technical security and operational risks to organizational enclaves and technologies
• Provide support services for enclaves and systems to achieve an Authorization to Operate (ATO) and an Authorization to Connect (ATC) and maintain an appropriate IA posture. Overseeing the development and maintenance of a system’s cybersecurity solutions. Identifying system type (IS, PIT, IT product, IT service) and any special considerations including multi-service/agency, joint, cross domain, Privacy Impact Information (PII), Protected Health Information (PHI), tactical, space, etc., to support RMF System categorization
• Assist in the mitigation and closure of open vulnerabilities under the system’s change control process. Overseeing cybersecurity testing to assess security controls, recording security control compliance status during the continuous monitoring phase of the lifecycle.

Basic Qualifications Required

• US Citizenship Required
• High School Diploma or GED
• 5+ years’ experience with DoD Information Assurance
• 5+ years’ experience maintaining IA experience related to RMF, DIACAP C&A submission documents
• 4+ years’ experience supporting Information Technology initiatives
• Minimum Baseline Certification: CompTIA Security+ and CompTIA Advanced Security (CISSP certification preferred) Practitioner
• Minimum Operating System Certification: Microsoft Windows 10, Microsoft Windows Server or VMware
• 5+ years’ proven experience in Enterprise Mission Assurance Support Services (eMass)

Preferred Qualifications 

• 3+ years’ experience with DoD Information Assurance
• 5+ years’ experience maintaining IA experience related to RMF, DIACAP C&A submission documents
• Strong written, verbal communication skills
• Demonstrated sound decision making in an IA or IT role
• Experience with a variety of network technologies
• Experience working with US Army Customer government
• RMF Experience / DIACAP or CISSP certification a plus
• Network administration experience on Windows, LINUX, or UNIX a plus
• Bachelor’s degree in information systems, Computer Science or other is preferred but not required 

Company Summary

Join the VSolvit Team! Founded in 2006, VSolvit (pronounced 'We Solve It') is a technology services provider that specializes in cybersecurity, cloud computing, geographic information systems (GIS), business intelligence (BI) systems, data warehousing, engineering services, and custom database and application development. VSolvit is an award winning WOSB, CA CDB, MBE, WBE, and CMMI Level 3 certified company. We offer a customizable health benefits program that best meets the needs of its employees. Offering may include medical, dental, and vision insurance, life insurance, long and short-term disability and other insurance products, Health Savings Account, Flexible Spending Account, 401K Retirement Plan options, Tuition Reimbursement, and assorted voluntary benefits. Our goal is to grow together and enjoy the work that we do as a team.

VSolvit LLC is an Equal Opportunity/Affirmative Action employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability status.