Cyber Security Specialist Quantico, VA - onsite Security Clearance: Active TS/SCI is required Must be IAT level III certified Major Duties & Responsibilities: + Assist in building, coordinating, maintaining, changing, and updating, the RMF A&A packages for the five enclaves administered by AFOSI. + Implement security controls and assist AFOSI customers with the implementation of controls. + Continuously monitor control compliance and remediate or POA&M systems as required. + Collaborate with enterprise operations and development teams to ensure the infrastructure and application are configured within DoD requirements. + Develop and maintain System Security Documents in accordance with the RMF Process to include policies, plans and procedures. + Ensure that all application deliverables and systems comply with applicable DISA STIGs or Security Requirements Guidance. + Assist in maintaining and updating HQ's AFOSI Governance, Risk and Compliance (GRC) application for assessing/managing risk, and authorizations for all AFOSI data networks. + Implement security controls and assist AFOSI customers with the implementation of controls. Continuously monitor control compliance and take immediate actions to bring systems into compliance. + Audit security log information using Splunk Enterprise, track firewall rule activity to create security baselines, and create alerts and reports. + Utilize the ACAS vulnerability scanning suite to identify configuration problems and missing patches. + Track and analyze Plan of Action & Milestones (POA&Ms) reports to conduct risks assessments. + Assist in the review of current Cyber Operational Readiness Assessment (CORA) requirements and ensure systems and their operations are compliant. Qualifications: + 5 years experience in cyber security and information assurance with at least 3 years of experience in systems administration for server and infrastructure support. + Bachelor’s degree in a related field desired. + Must be certified at IAT Level III (e.g., CASP+ CE/SecurityX, CISA, CCNP Security, CISSP, or equivalent certification satisfying DoD 8570/8140 certification requirements). + Experience with RMF, STIGs, GRC, PPSM, event log audit. + Working knowledge of firewall functionality. + Knowledge of analyzing the result of a security risk assessment. + Experience with the RMF steps to include categorization, security control selection, implementation plan development, assessment, and continuous monitoring. + Knowledge of the Information Assurance Vulnerability Management (IAVM) process and Common Vulnerabilities and Exposures (CVE) framework. + Experience with PowerShell scripting to automate repetitive tasks and gather security information. + Experience creating, reviewing, and revising security documentation and artifacts. + Experience with Vulnerability Management tools, such as ACAS, including the ability to read and analyze automated vulnerability reports. + Experience with Fortify Static Code analyzer, or another code scanner, desired. Experience with security information and event management (SIEM) software, such as Splunk or ArcSight. + Must possess analytical skills to troubleshoot cybersecurity issues and the ability to conceptualize server infrastructures and configurations. + Experience with Asset Management software, such as Lansweeper or SolarWinds desired. + Experience configuring and troubleshooting firewalls, and using protocol analyzers desired. + Experience participating in cyber security inspections and in Computer Network Defense (CND) actions such as incident response desired. + Experience with DoD IT environment and networks. + Must have strong communication skills and be able to work comfortably with all levels of an organization. + Must be a US citizen and hold a current Top Secret clearance with SCI access (TS/SCI). System One, and its subsidiaries including Joulé, ALTA IT Services, and Mountain Ltd., are leaders in delivering outsourced services and workforce solutions across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan. System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law. #M1 #LI-VH1 #DI-VH1 Ref: #851-Rockville-S1 System One, and its subsidiaries including Joulé, ALTA IT Services, CM Access, TPGS, and MOUNTAIN, LTD., are leaders in delivering workforce solutions and integrated services across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible full-time employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan. System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law.