Information System Security Specialist III Pending Contract Award - SBG

SBG a DSS Inc. company specializing in engineering information technology cybersecurity intelligence and training is looking for a hardworking resultsoriented Information Systems Security Specialist III. We are seeking highly motivated individuals with a positive attitude looking to join our rapidly growing company. The ideal candidates for this position have strong attention to detail analytical and ethical who can excel in a very fastpaced government contractor environment. This is an onsite role based in Charleston SC

**Contingent Upon Contract Award**

OVERVIEW

The Information System Security Specialist III is responsible for supporting all aspects of a Program Information Assurance (IA) processes tailored to include minimum qualification standards fundamental awareness and familiarity to demonstrated competency with specific experience in Cyber Security Engineering Test & Evaluation (T&E) and/or Security Control Assessor (SCA) under a Certification & Accreditation (C&A) and/or Assessment & Authorization (A&A) process.

The Information System Security Specialist III:

• Support all aspects of Program Information Assurance (IA) activities across the Certification & Accreditation (C&A) and/or Assessment & Authorization (A&A) lifecycle.

• Apply knowledge and experience in cybersecurity engineering Test & Evaluation (T&E) and/or Security Control Assessment (SCA) roles.

• Demonstrate working knowledge of the Risk Management Framework (RMF) and/or prior experience with Defense Information Assurance Certification and Accreditation Process (DIACAP).

• Interpret and apply relevant security policies and guidance documents to support the development and maintenance of IA artifacts and traceability documents required for Authority to Operate (ATO) compliance.

• Evaluate and validate security solutions to ensure they meet system requirements for handling up to classified information.

• Maintain and/or oversee the operational security posture of assigned information systems or programs.

• Assist in the development and enforcement of system security policies ensuring alignment with configuration management and change control processes.

• Plan coordinate and support the IT security program aligning efforts with command leadership goals and mission objectives.

Required

• Active DoD Secret Security Clearance

• Demonstrated working knowledge of the Risk Management Framework (RMF) process.

• Prior experience with the Defense Information Assurance Certification and Accreditation Process (DIACAP) is highly desirable.

• Handson experience with Information Assurance tools such as:

  • DISA Enterprise Mission Assurance Support Service (eMASS)

  • Assured Compliance Assessment Solution (ACAS)

  • Interim Security Control Assessor (SCA) qualification may be required.

• Familiarity with cybersecurity policies and guidance to support:

  • Preparation and maintenance of security artifacts

  • Creation of traceability documentation

  • Compliance with Authority to Operate (ATO) requirement

• Ability to evaluate and validate security solutions for systems processing up to classified information.

• Experience maintaining and/or supervising the operational security posture of information systems or programs.

• Experience developing and enforcing system security policies including support for configuration management and change control processes.

• At least 5 years of experience supporting one or more of the following within DoD or Federal environments:

  • Network and system security

  • Cybersecurity Service Providers (CSSP)

  • Cyber Red Teams

• With at least 3 of the following 6 focus areas:

  • Vulnerability Analysis

  • Network Security Monitoring

  • Incident Response / Forensics

  • Penetration Testing / Red Teaming

  • CND Infrastructure Support

  • CND Incident Response

Education:

• Five 5 years with bachelors degree or seventechnical or managerial related discipline
• 7 years with HS/GED of practical experience demonstrating competency in Cybersecurity Engineering Test & Evaluation (T&E) or Assessment & Authorization (A&A)/ Certification & Accreditation (C&A) related field.