Cybersecurity Expert

At IPSecure, we are seeking a highly skilled Information System Security Specialist to join our team. As an Information System Security Officer, you will be responsible for providing Risk Management Framework (RMF) support and ensuring the security of our systems.

The successful candidate will have experience in documenting, implementing, and assessing security controls, as well as performing system monitoring and compliance assessment activities. You will also be involved in all aspects of cybersecurity operations and will partner with program/site leads, government staff, and mission partners to maintain an effective information security program.

This position requires a strong understanding of NIST 800-53 controls and RMF. You will be working with various endpoint security, vulnerability, and enumeration tools, including Tenable Nessus, Security Center, SolarWinds, EndPoint Security Solutions, Vulnerator, and SCAP Compliance Checker.

The ideal candidate will have a Bachelor's degree in Cybersecurity or a related field and 3+ years of experience, or a Master's degree. You must have an active Top Secret security clearance with SCI and experience working in information assurance or cybersecurity roles supporting classified DoD environments.

In addition to your technical skills, you will need to possess excellent communication skills to coordinate with program/site leads, government staff, and mission partners. Proven ability to work in a team environment and adapt to changing priorities is essential.

We offer a comprehensive benefits package, including medical, dental, vision, unlimited vacation, sick leave, paid federal holidays, education and certification reimbursement program, 401(k) retirement plan with safe harbor employer match after 3 months, prepaid legal plan, ID protection plan, accident insurance, critical illness insurance, and hospital indemnity insurance.

• Develop and maintain RMF body of evidence documentation using Microsoft products such as Word, Excel, PowerPoint, and Visio.
• Maintain repositories of all body of evidence documentation for systems under your purview and ensure they are accessible only to properly authorized individuals.
• Develop and execute security control assessment procedures to verify conformance with control requirements as part of ongoing continuous monitoring and authorization assessment activities.
• Work in close coordination with system administrators and other cyber team members to ensure systems are operated, maintained, and disposed of in accordance with applicable security policies and procedures.
• Support the CISO, PM, ISSM or ISO in maintaining current authorization to operate and approval to connect, and in implementing corrective actions identified in the plan of action and milestones.
• Evaluate all security-related vulnerabilities and deficiencies and document them in the Plan of Action and Milestones (POA&M).
• Ensure the integration of cybersecurity into and throughout the lifecycle of IT on behalf of the ISSM and ISO.
• Develop and implement an effective information security education, training, and awareness program.
• Ensure configuration management policies and procedures for authorizing use of hardware/software on a system are followed.
• Coordinate any additions, changes, or modifications to hardware, software, or firmware with the ISSO/ISSM prior to implementation.
• Report security incidents or vulnerabilities to the CISO/ISSM/wing cybersecurity office according to AFI 17-203, Cyber Incident Handling.