Cybersecurity Specialist

We are seeking a highly skilled Cybersecurity Specialist to join our team at Oneida Technical Solutions, LLC. As a key member of our cybersecurity team, you will be responsible for performing comprehensive IT security control assessments on our systems and software applications.

• Perform initial and continual security control assessments and validation for our networks, systems, and software applications.
• Utilize DOD-approved tools to generate initial and continuous monitoring reports.
• Complete reports to support risk decisions from the AO, both as required and as requested.
• Provide an assessment on the severity of weaknesses or deficiencies discovered in the information system or software application and its environment of operation and recommend corrective actions to address identified vulnerabilities.
• Review the System Security Plan (SSP) prior to initiating the security control assessment and ensure the plan provides a set of security controls for the information system or software application that meet the stated security requirements.
• Advise the Information System Owner (ISO) concerning the impact values for confidentiality, integrity, and availability for the information on a system or software application.
• Evaluate threats and vulnerabilities to information systems or software application to ascertain the need for additional safeguards.
• Assist in creating, reviewing, and approving the information system or software application security assessment plan, which is comprised of the SSP, the Security Controls Traceability Matrix (SCTM), and the Security Control Assessment Procedure.
• Ensure security control assessments are completed for each information system or software application and ensure controls are working as intended and these controls protect the confidentiality, integrity and availability of IT resources at the appropriate levels.
• Assist with preparing the final Security Assessment Report (SAR) containing the results and findings from the assessment at the conclusion of each security control assessment activity.
• Ensure a Plan of Action and Milestones (POA&M) is initiated by the Information System Security Officer (ISSO) for the information system based on findings and recommendations from the SAR.
• Evaluate security control assessment documentation and provide written recommendations for security authorization to the AO.
• Provide expertise to execute vulnerability assessments on Platform IT systems.
• Assist with assembling and submitting the security authorization artifacts to the AO (consisting of, at a minimum, the SSP, the SAR, the POA&M, and a Risk Assessment Report (RAR)).
• Assess the proposed changes to information systems or software application, their environment of operation, and mission needs to determine if they are security-relevant and could therefore affect system authorization.
• Utilize the RMF methodology to successfully implement an information technology process which shall effectively protect the element's information assets and its ability to perform its mission.
• Provide guidance to other assessors on the policies and procedures of the job; Provide detailed assessment findings using Government-specified processes and procedure.
• Provide solutions and recommendations to remedy security vulnerabilities, threats, to ultimately improve the protection of IT resources and to execute the AFCENT mission.
• Utilize assessment results to identify trends and to improve IA training, policies and processes.
• Develop reports and trend analysis's to support risk assessment decisions.

• Must possess and maintain a Secret Clearance.
• Proof of IAT-III or IAM-III Certification.
• Senior (III) and higher positions: MA/MS in related field AND 3 or more years' relevant experience; or BS in related field AND 5 or more years' relevant IT experience; or 7 or more years' relevant IT experience.
• Mid-level (II) or lower positions: BS in related field AND 1 or more years' relevant experience; or Associates in related field and 3 or more years' relevant IT experience; or 5 or more years' of relevant IT experience.

We are an equal opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, national origin, age, disability, marital status, veteran status, sexual orientation, gender identity, genetic information or any other protected characteristic under applicable law.