Information System Security Specialist III (Pending Contract Award) - SBG

Description

SBG, a DSS, Inc. company, specializing in engineering, information technology, cyber-security, intelligence, and training, is looking for a hard-working results-oriented Information Systems Security Specialist III. We are seeking highly motivated individuals with a positive attitude looking to join our rapidly growing company. The ideal candidates for this position have strong attention to detail, analytical and ethical, who can excel in a very fast-paced government contractor environment. This is an on-site role based in Charleston, SC

**Contingent Upon Contract Award**

OVERVIEW

The Information System Security Specialist III is responsible for supporting all aspects of a Program Information Assurance (IA) processes tailored to include minimum qualification standards, fundamental awareness and familiarity to demonstrated competency with specific experience in Cyber Security, Engineering, Test & Evaluation, (T&E) and/or Security Control Assessor (SCA) under a Certification & Accreditation (C&A) and/or Assessment & Authorization (A&A) process.

The Information System Security Specialist III:

• Support all aspects of Program Information Assurance (IA) activities across the Certification & Accreditation (C&A) and/or Assessment & Authorization (A&A) lifecycle.

• Apply knowledge and experience in cybersecurity, engineering, Test & Evaluation (T&E), and/or Security Control Assessment (SCA) roles.

• Demonstrate working knowledge of the Risk Management Framework (RMF) and/or prior experience with Defense Information Assurance Certification and Accreditation Process (DIACAP).

• Interpret and apply relevant security policies and guidance documents to support the development and maintenance of IA artifacts and traceability documents required for Authority to Operate (ATO) compliance.

• Evaluate and validate security solutions to ensure they meet system requirements for handling up to classified information.

• Maintain and/or oversee the operational security posture of assigned information systems or programs.

• Assist in the development and enforcement of system security policies, ensuring alignment with configuration management and change control processes.

• Plan, coordinate, and support the IT security program, aligning efforts with command leadership goals and mission objectives.

Qualifications

Required

• Active DoD Secret Security Clearance

• Demonstrated working knowledge of the Risk Management Framework (RMF) process.

• Prior experience with the Defense Information Assurance Certification and Accreditation Process (DIACAP) is highly desirable.

• Hands-on experience with Information Assurance tools such as:

  • DISA Enterprise Mission Assurance Support Service (eMASS)

  • Assured Compliance Assessment Solution (ACAS)

  • Interim Security Control Assessor (SCA) qualification may be required.

• Familiarity with cybersecurity policies and guidance to support:

  • Preparation and maintenance of security artifacts

  • Creation of traceability documentation

  • Compliance with Authority to Operate (ATO) requirement

• Ability to evaluate and validate security solutions for systems processing up to classified information.

• Experience maintaining and/or supervising the operational security posture of information systems or programs.

• Experience developing and enforcing system security policies, including support for configuration management and change control processes.

• At least 5 years of experience supporting one or more of the following within DoD or Federal environments:

  • Network and system security

  • Cybersecurity Service Providers (CSSP)

  • Cyber Red Teams

• With at least 3 of the following 6 focus areas:

  • Vulnerability Analysis

  • Network Security Monitoring

  • Incident Response / Forensics

  • Penetration Testing / Red Teaming

  • CND Infrastructure Support

  • CND Incident Response

Education:

• Five (5) years with bachelor’s degree or seven technical or managerial related discipline
• (7) years with HS/GED of practical experience demonstrating competency in Cybersecurity, Engineering, Test & Evaluation (T&E) or Assessment & Authorization (A&A)/ Certification & Accreditation (C&A) related field.