Sr. Security Specialist

In pursuit of a future contract award, we are seeking a Senior Security Specialist to join our team of qualified, diverse professionals. This is a full-time (regular) exempt (salary) position located in Suffolk, VA with potential for limited teleworking, subject to customer approval. Where innovation meets excellence, we drive the future of technology. As a valued member of our team, you will play a key role in delivering state-of-the-art Information Technology solutions for the Naval Information Forces (NAVIFOR) N4 Directorate. We are looking for qualified candidates who are ready to collaborate, innovate, and make an impact in a fast-paced, forward-looking environment where teamwork is at the heart of our success.

1. Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information
2. Assess system vulnerabilities for security risks and propose and implement risk mitigation strategies
3. Ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure
4. Respond to computer security breaches, spillages, and viruses
5. Responsible for maintaining cyber hygiene of the systems in accordance with DOD and DON policy and the program continuous monitoring strategy
6. Oversee system compliance with the system Authorization Decision Document (ADD) and ensure no changes are made capable of affecting the ADD without proper authorization from the NAO
7. Responsible for ensuring all cybersecurity documentation is maintained and updated per DOD and DON policy
8. Maintain application and system configuration management in required DON and DOD reporting tools and applications
9. Perform system audits to ensure alignment with ADD and approved baselines

To be considered for this position, you must meet the education and experience listed below:

• Over ten (10) years of experience developing and implementing system cybersecurity solutions
• BA/BS from a US Department of Education accredited college or university in relevant fields. Two (2) years of relevant experience may substitute for one (1) year of formal education, with options including:
• AA/AS plus an additional 4 years of experience (14 years total)
• High School diploma plus an additional 8 years of experience (18 total)

To be considered, candidates must minimally possess:

• Experience with the Risk Management Framework (RMF), including security control baselines, Security Plan development, security control testing, vulnerability assessments, and compliance recording
• Experience managing system cybersecurity controls and artifacts in eMASS
• Experience in configuration management processes
• Experience with Atlassian Jira, Confluence, or similar tools
• IAT II or III certification (e.g., Security+, CISSP)
• Excellent communication skills
• US Citizenship is required due to government contract requirements

Candidates with experience or knowledge in these areas will be preferred:

• Familiarity with CAS, NTIRA, CENTRIXS-M, and SECREL systems
• Experience with AWS GovCloud, cloud security, and DevSecOps
• Background in incident response, risk assessment, and security control implementation
• Experience in Agile/Scrum environments
• Proficiency in network security, ITSM frameworks, and risk management methodologies
• ITIL v3 (or later) certification
• Relevant AWS cloud certifications, especially AWS Certified Security – Specialty