Note: This position is open exclusively to candidates currently enrolled in the Hiring Our Heroes Fellows Program. Applications from individuals not participating in the program will not be considered.
Information Systems Security Specialist $145-175k – San Diego, California
Required Qualifications:
- College degree in a technical or managerial related discipline.
- In lieu of a college degree, greater than seven (7) years of directly relevant experience in Cybersecurity, Engineering, T&E, or A&A (formerly C&A) is required.
- Industry-recognized cybersecurity certification (e.g., Security+ or higher) strongly preferred; specific certifications may be required to meet DoD 8570/8140 requirements depending on the role and environment.
- More than five (5) years (with degree or 7+ without) of practical experience in a Cybersecurity, Engineering, Test & Evaluation (T&E), or Assessment & Authorization (A&A, formerly C&A) related field.
- Working knowledge of the Risk Management Framework (RMF) process and prior experience with DIACAP or similar legacy processes.
- Experience supporting C&A/A&A activities, including the development and maintenance of IA/security documentation (e.g., SSPs, POA&Ms, test plans, and assessment reports).
- Experience with Information Assurance tools such as DISA Enterprise Mission Assurance Support Service (eMASS) and Assured Compliance Assessment Solution (ACAS).
- Demonstrated ability to evaluate security solutions and technical implementations to ensure they meet security requirements for systems processing up to classified information.
- Experience supporting or performing security control assessment activities in coordination with SCAs, system owners, and engineering teams.
- Strong understanding of DoD and/or Navy cybersecurity policies, directives, and guidance, and how they are applied to real systems and programs.
- Ability to communicate effectively with technical and non-technical stakeholders, clearly articulating risks, findings, and recommended mitigations.
Desired Qualifications:
- Experience serving as a Security Control Assessor (SCA) or holding a Full Security Control Assessor qualification.
- Experience supporting Navy or other DoW programs through full lifecycle RMF activities from initial accreditation through continuous monitoring.
- Hands-on experience with vulnerability management, patch management, and remediation tracking in operational environments.
- Experience supporting cybersecurity in conjunction with system engineering and T&E activities (e.g., test planning, execution, and reporting for security controls).
- Familiarity with secure architecture and design principles, including network segmentation, boundary protection, and defense-in-depth.
- Relevant cybersecurity certifications (e.g., Security+, CISSP, CAP, CISM, or similar).
Required Clearance:
- Secret clearance required, Top Secret clearance preferred; US Citizenship required, No dual citizenship.
