CYBER SECURITY SPECIALIST 4

CYBER SECURITY SPECIALIST 4

JOB SUMMARY

The Cybersecurity Specialist 4 provides security and compliance oversight for the Risk Management Framework (RMF) Steps 1–6. This role ensures the integrity of current legacy and future security stacks through continuous monitoring, vulnerability management, and enforcement of DISA STIG compliance. You will act as a key technical resource for ensuring that Department of Navy CSM packages meet Authorization to Operate (ATO) deadlines while transitioning toward Zero Trust Architecture (ZTA).

As with any position, additional expectations exist. Some of these include, but are not limited to, adhering to normal working hours, meeting deadlines, following company policies as outlined by the Employee Handbook, communicating regularly with assigned supervisor(s), staying focused on the assigned tasks, and completing other tasks as assigned.

RESPONSIBILITIES

• RMF Lifecycle & Compliance Management
• Provide ongoing security support for the legacy SCCA stack and future ZTA Mission Landing Zone (MLZ) stacks in Azure Government across all RMF steps (1–6).
• Perform RMF activities to support CSM Packages, ensuring all requirements are met to achieve and maintain ATO status.
• Schedule package checkpoints, deliver status reports, and perform quality assurance reviews.
• Maintain and report the system’s Authorization and Assessment (A&A) status and related security events.
• Assist in identifying the security control baseline set and any applicable overlays.
• Manage Plan of Action and Milestone (POA&M) entries to ensure vulnerabilities are properly tracked, mitigated, and resolved.
• Technical Security Operations
• Support the implementation and maintenance of the SCCA, including routine patching and ensuring Secure Technical Implementation Guide (STIG) compliance.
• Continuously monitor applications by assessing security control quality against requirements defined in the System Level Continuous Monitoring (SLCM) strategy.
• Utilize Assured Compliance Assessment Solution (ACAS) results to update system POA&Ms.
• Maintain Hardware and Software assessment sheets annually or upon environment changes.
• Ensure strict adherence to the DoD SCCA Functional Requirements (v2.9) and the latest DoD Cloud Computing Security Requirements Guide (CC SRG).

**POSITION IS EITHER ONSITE IN VENTURA, CA OR REMOTE**