Information System Security Engineer III

• Develop, maintain, and track RMF system security plans.
• Identify and tailor IT and Cybersecurity control baselines based on system categorization
• Perform Ports, Protocols, and Services Management (PPSM)
• Conduct IT and Cybersecurity risk and vulnerability assessments.
• Execute security control testing per RMF assessments and annual security reviews.
• Mitigate and remediate vulnerabilities using STIG requirements.
• Develop and maintain POA&Ms in eMASS.
• Implement and assess STIGs and SRGs.
• Perform vulnerability assessments using ACAS, SCAP Compliance Checker (SCC), and Evaluate-STIG.
• Deploy security updates, patches, and compliance configurations across system assets.
• Conduct routine audits of IT system hardware/software components.
• Maintain inventory of information system components.
• Support IT change control and configuration management processes.
• Support configuration documentation, change control, and DoD STIG compliance.
• Ensure compliance of enterprise IT assets (e.g., Windows Servers, Cisco network hardware) via vulnerability assessments, patching, and STIG adherence.

• Bachelor’s degree in Computer Science, Information Technology, or an equivalent STEM discipline from an accredited college/university.
• Minimum 7 years of professional experience in cybersecurity operations,
• Must hold an IAT III certification.
• Familiarity with eMASS, VRAM, ACAS, SCC, and STIG compliance.

Powered by JazzHR