Overview
On Site
Full Time
Skills
IT Security
Information Systems
OMB
Event Management
SIEM
Intrusion Detection
Data Loss Prevention
DLP
Regulatory Compliance
Documentation
NIST SP 800 Series
Continuous Monitoring
Auditing
Vulnerability Scanning
Access Control
Multi-factor Authentication
Reporting
Computer Science
Information Technology
Cyber Security
FISMA
Risk Management Framework
RMF
FedRAMP
Operating Systems
Microsoft Windows
Linux
Cloud Security
Amazon Web Services
Microsoft Azure
Vulnerability Management
Security Controls
Log Analysis
Communication
Technical Drafting
System Security
Firewall
Virtual Private Network
IDS
IPS
Endpoint Protection
Confluence
ServiceNow
Critical Thinking
Problem Solving
Conflict Resolution
Security+
CISSP
CISA
CISM
Certified Ethical Hacker
Cisco Certifications
Security Clearance
Job Details
Serves as a member of the IT security team responsible for protecting the confidentiality, integrity, and availability of agency information systems. This position focuses on implementing cybersecurity policies, administering security controls, monitoring system security posture, and ensuring compliance with federal mandates such as FISMA, OMB A-130, and the NIST Risk Management Framework (RMF). Responsibilities may include, but are not limited to:
Administer and maintain cybersecurity tools and infrastructure, including firewalls, security information and event management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), endpoint protection platforms (EPP/EDR), and data loss prevention (DLP) solutions.
Support compliance activities and documentation under FISMA, NIST SP 800-53, 800-37, and 800-171 guidelines.
Assist in the implementation and continuous monitoring of ATO packages.
Participate in security assessments, audits, and vulnerability scanning activities; provide mitigation strategies and follow-up remediation.
Administer access control mechanisms including PIV cards, multi-factor authentication (MFA), and least privilege principles in line with Zero Trust Architecture.
Provide support for POA&M tracking and resolution.
Coordinate with internal stakeholders, system owners, and external agencies on security-related matters and incident reporting.
Bachelor's degree in computer science, information technology, cybersecurity, or a related field.
3+ years of relevant experience. Additional experience can be substituted for a degree.
Strong understanding of federal cybersecurity regulations and frameworks (FISMA, NIST RMF, FedRAMP, TIC 3.0).
Familiarity with enterprise operating systems (Windows, Linux) and cloud security principles (AWS, Azure Government).
Proficiency in vulnerability management, security controls implementation, and log analysis.
Effective written and verbal communication skills, particularly in drafting POA&Ms, incident reports, and system security plans (SSPs).
Experience supporting the implementation and monitoring of ATOs.
Solid understanding of security principles, protocols, and technologies.
Knowledge of firewalls, VPNs, IDS/IPS, and endpoint protection.
Knowledge and experience JAMF, MECM, Confluence, and ServiceNow are highly desired.
Must be engaging and proactive with critical thinking and problem-solving ability, both independently and as part of a team.
Relevant certifications such as Security+, CISSP, CISA, CISM, CASP, CEH, CCNA, CCNP are highly desired.
Must be able to attain agency suitability clearance prior to start date.
Administer and maintain cybersecurity tools and infrastructure, including firewalls, security information and event management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), endpoint protection platforms (EPP/EDR), and data loss prevention (DLP) solutions.
Support compliance activities and documentation under FISMA, NIST SP 800-53, 800-37, and 800-171 guidelines.
Assist in the implementation and continuous monitoring of ATO packages.
Participate in security assessments, audits, and vulnerability scanning activities; provide mitigation strategies and follow-up remediation.
Administer access control mechanisms including PIV cards, multi-factor authentication (MFA), and least privilege principles in line with Zero Trust Architecture.
Provide support for POA&M tracking and resolution.
Coordinate with internal stakeholders, system owners, and external agencies on security-related matters and incident reporting.
Bachelor's degree in computer science, information technology, cybersecurity, or a related field.
3+ years of relevant experience. Additional experience can be substituted for a degree.
Strong understanding of federal cybersecurity regulations and frameworks (FISMA, NIST RMF, FedRAMP, TIC 3.0).
Familiarity with enterprise operating systems (Windows, Linux) and cloud security principles (AWS, Azure Government).
Proficiency in vulnerability management, security controls implementation, and log analysis.
Effective written and verbal communication skills, particularly in drafting POA&Ms, incident reports, and system security plans (SSPs).
Experience supporting the implementation and monitoring of ATOs.
Solid understanding of security principles, protocols, and technologies.
Knowledge of firewalls, VPNs, IDS/IPS, and endpoint protection.
Knowledge and experience JAMF, MECM, Confluence, and ServiceNow are highly desired.
Must be engaging and proactive with critical thinking and problem-solving ability, both independently and as part of a team.
Relevant certifications such as Security+, CISSP, CISA, CISM, CASP, CEH, CCNA, CCNP are highly desired.
Must be able to attain agency suitability clearance prior to start date.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.