Specialist, Information System Security III (SISS3)

Type: Full Time

Location: Philadelphia, PA

Overtime Exempt: Exempt

Reports To: ARMADA HQ

Travel Required: Yes

Security Clearance Required: Active Secret Security Clearance

************CONTINGENT UPON AWARD***************

Duties & Responsibilities:

• Specialist, Information System Security III (SISS3) will conduct risk and vulnerability assessments of planned and installed systems to identify vulnerabilities, risks and protection needs; conduct systems security evaluation, audits, and reviews; determine the residual risk of a package based on package content and assessment results and documenting for the Security Controls Assessor's (SCA) and higher level review.
• Execute Security Assessment Plans (SAPs) by conducting on-site testing for afloat and PIT ashore systems. Examples include executing STIGs, SRGs, ACAS scanning, and applying patches assets to obtain cybersecurity compliance and remediate vulnerabilities.
• Specialist, Information System Security III (SISS3) will conduct systems security reviews, audits, or evaluations, as appropriate, to ensure accreditation documents are accurate and represent the current risk posture of the system.
• Perform analysis of logs, events, and reporting of various data collections tools including: vulnerability monitoring via Assured Compliance Assessment System (ACAS) and related tools, Host Based Security Systems (HBSS), web content filters, Security Information and event management (SIEM), firewall systems, network devices, server devices, workstations, and intrusion detection and prevention systems (ID/PS).
• Specialist, Information System Security III (SISS3) will assess impacts from observed risks and report via the Cybersecurity Program chain of command.
• Executing Security Assessment Plans (SAPs) by conducting on-site testing for afloat and PIT ashore systems. Examples include executing STIGs, SRGs, ACAS scanning, and applying patches assets to obtain cybersecurity compliance and remediate vulnerabilities.
• Perform the evaluation of system administrator, security engineer, and/or system owner proposed corrections to ensure compliance and best-fit solution.
• Specialist, Information System Security III (SISS3) will present and submit data to management, develop reports, and produce procedural documentation in a comprehensive and cohesive manner.
• Perform risk management and security engineering for Research, Development, Testing, and Evaluation (RDT&E) RMF Afloat systems include Information Assurance Vulnerability Management (IAVM) support, remediation, patching, scanning and associated boundary maintenance.
• Specialist, Information System Security III (SISS3) will document residual risks in a plan of actions and milestones formatted in compliance with the current package system, currently eMASS.
• Specialist, Information System Security III (SISS3) will maintain current vulnerability scan data and residual risk plan of actions and milestones in Vulnerability Remediation Asset Manager (VRAM).
• Manage, attend, and support configuration control board practices.
• Create and verify the accuracy of POA&Ms/RARs as identified by vulnerability actual test results.
• Specialist, Information System Security III (SISS3) shall write technical documentation such as user manuals, reports, documentation, policies, presentations, Plan of Action and Milestones (POA&Ms), risk assessments, proposals, outlines, and summaries in support of both ashore and afloat systems across multiple platforms. Support developing of technical documents across multiple platforms including configuration management, milestone, issue tracking, web site content management and RMF documentation.
• Specialist, Information System Security III (SISS3) may be required to travel CONUS (any state in USA) and OCONUS (primarily Japan, and any country in Europe). The estimated number of trips is 14 per year (estimated 25%-30% travel).
• Other duties as assigned.

Knowledge, Skills, and Abilities (KSAs):

• Ability to travel CONUS (any state in USA) and OCONUS (primarily Japan, and any country in Europe).
• Proficient in Microsoft Windows Operating System Administration, including Windows 11, Windows 10, Windows 7, and Windows XP (at a minimum).
• Ability to work as a team member, communicate, perform office functions and use office tools, customer focused and deliver exceptional performance.
• Possess excellent organizational and file management skills and the ability to plan and execute administrative work with little supervision.
• Possess excellent oral and written communication skills.

Required Certifications:

• Minimum of one (1) IAT Level II listed certificate required:
  • CompTIA Security+ (CE)
  • CompTIA CySA+
  • GIAC Security Essentials (GSEC)
  • ISC² SSCP (Systems Security Certified Practitioner)

Minimum/General Experience:

• Five (5) years of experience in the following:
  • Cybersecurity, Engineering, Test and Evaluation (T&E) or Authorization and Assessment (A&A) (formerly C&A) related field.
  • Information Assurance tools such as Defense Information Systems Agency (DISA) Enterprise Mission Assurance Support Service (eMASS), Assured Compliance Assessment Solution (ACAS).
  • Command line interface, PowerShell, and performing automated tasking through use of code.

Minimum Education:

• College degree in any technical discipline from an accredited college or university.

Disclaimer:

The above information has been designed to indicate the general nature and level of work to be performed. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of the contractor assigned to this position. Applying: If you feel you have the knowledge, skills and abilities for this position visit our careers page at .

Special Notes: Relocation is not available for these jobs

ARMADA provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. ARMADA complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

Must be able to successfully pass a background check, and pre-employment drug testing. Job offers are contingent upon results of background check and drug testing.