Join Us -Information Systems Security Specialist II

Information Systems Security Specialist II

This position is contingent upon funding with an expected start date of December 2025

SECRET Clearance required

We are seeking an Information Systems Security Specialist II; this role is focused on conducting Security Technical Implementation Guide (STIG) assessments and performing vulnerability assessments using the Assured Compliance Assessment Solution (ACAS). You will manage security authorization packages and risk assessment documentation in eMASS, while developing and maintaining Plans of Actions and Milestones (POA&M) to remediate security vulnerabilities. As part of your responsibilities, you’ll execute Risk Management Framework (RMF) Step 5 authorizations as an Information System Security Engineer (ISSE), providing critical security risk mitigation recommendations and guidance to stakeholders.

On-site only, no telework.

Virginia Beach, VA

Conduct Security Technical Implementation Guide (STIG) assessments, utilizing SCAP benchmarks and Evaluate STIG.
Perform vulnerability assessments using the Assured Compliance Assessment Solution (ACAS) tool.
Manage security authorization packages and risk assessment documentation within eMASS.
Develop and maintain Plans of Actions and Milestones (POA&M) to remediate security vulnerabilities.
Execute Risk Management Framework (RMF) Step 5 authorizations as an Information System Security Engineer (ISSE).
Provide security risk mitigation recommendations and guidance to stakeholders.
Ensure compliance with DoD 8570.01-M IAM Level II certification requirements and other relevant regulations.

Active DOD Secret security clearance
Bachelor’s degree in Cybersecurity, Cyber Operations, Cyber Engineering, Information System, Information Technology, Computer, Electrical, or Electronics Engineering, Software Engineering, Computer Science, Mathematics with a concentration in Computer Science, or equivalent to above disciplines.
DoD Approved 8570 Baseline Certification: Category IAM Level II (One of the Following):
CAP
CASP+ CE
CISM
CISSP (or Associate)
CCISO
GSLC
HCISPP
Five (5) years of full-time professional experience performing Risk Management Framework activities.
Demonstrated experience in the following areas
Performing STIG assessments to include using SCAP benchmarks and Evaluate STIG
Performing vulnerability assessments with the Assured Compliance Assessment Solution tool
Utilization and process execution within eMASS
Developing Plans of Actions and Milestones (POA&M) entries; and
Completing Risk Management Framework Step 5 authorizations in the Information System Security Engineer (ISSE) capacity

Information Systems Security Specialist II

Virginia Beach, VA

Apply Now

info@srgadaptive.com

Follow us: