Sr. Information Specialist (Cybersecurity)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Sr. Information Specialist (Cybersecurity): Maintaining cyber compliance and accreditation for DHA applications with an accent on RMF, ATO sustainment, and vulnerability remediation. Focus on coordinating security control evidence, managing POA&Ms, and ensuring code delivery without high-severity security findings.
Location: Remote (Must be based in the US to support U.S. federal government agencies)
Company
An information technology company specializing in operations management, quality systems, and cybersecurity for the U.S. Department of Defense and other federal agencies.
What you will do
- Maintain RMF packages and sustain ATO (Authority to Operate) for DHA applications.
- Review vulnerability scans and track remediation for CAT 1 and CAT 2 findings.
- Perform STIG checklist reviews and update POA&Ms.
- Coordinate with ISSO/ISSM to ensure cybersecurity compliance with DHA policy.
- Protect PII/PHI data and support incident response activities.
- Conduct security impact analyses for releases and cyber reviews of code/configuration changes.
Requirements
- Must be based in the US to support U.S. federal government agencies (DoD).
- Strong experience in RMF, ATO maintenance, and POA&M management.
- Minimum certification: Security+ CE.
- Experience with STIG, ACAS, eMASS, and HIPAA/Privacy Act.
- Knowledge of PII/PHI handling and data sanitization.
Nice to have
- Advanced certifications: CISSP, CISM, CAP/CGRC, CASP+, CEH, GSEC, or HCISPP.
- Experience with MHS, DoD Health IT, CMRS, or HBSS/ESS.
Culture & Benefits
- Comprehensive health insurance options, including dental and 100% company-paid vision.
- 401K plan with generous company match and no vesting period.
- 100% company-paid life, long-term, and short-term disability insurance.
- Dedicated training allowance.
- Paid Time Off (PTO).
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →