Abacus Technology is seeking a Cyber Security Specialist to provide technical support for the US Air Force Office of Special Investigations (AFOSI) in Quantico. This is a full-time position.

• Assist in building, coordinating, maintaining, changing, and updating the RMF A&A packages for the five enclaves administered by AFOSI.
• Develop and review System Security Documents in accordance with the RMF process and the eMASS workflow.
• Monitor policy for the IT Enterprise Cyber Surety Division relating to the compliance, validation, and assessment of the four networks (NIPRNET, SIPRNET, JWICS, and SAPnet) and Major Information Technology Systems (MITS).
• Maintain and update HQ's AFOSI Governance, Risk and Compliance (GRC) application for assessing/managing risk, and authorizations for all AFOSI data networks.
• Implement cyber security controls and assist AFOSI customers with the implementation on cyber security controls where the cyber security controls fall outside of the contractor’s area of responsibility.
• Ensure successful implementation and tracking of all Tasking Orders (TASKORD), General Administration Messages (GENADMIN), Notice to Airmen (NOTAM), Time Compliance Technical Order (TCTO), Data Call Orders (DCO) for the systems included in the five AFOSI enclaves.
• Perform the Information Assurance Vulnerability Management (IAVM) process by ensuring systems and networks maintain compliance with vulnerabilities.
• Track and analyze Plan of Action & Milestones (POA&Ms) reports to conduct risks assessments.
• Assist in the review of current Cyber Operational Readiness Assessment (CORA) requirements and ensure systems and their operations are compliant.
• Ensure all application deliverables and systems comply with applicable DISA STIGs or Security Requirements Guidance.

5 years experience in cyber security and information assurance with at least 3 years of experience in systems administration for server and infrastructure support.  Bachelor’s degree in a related field desired.  Must be certified at IAT Level III (e.g., CASP+ CE, CISA, CCNP Security, CISSP, or equivalent certification satisfying DoD 8570/8140 certification requirements).  Experience with RMF, STIGs, GRC, PPSM, Event log audit.  Working knowledge of firewall functionality.  Knowledge of analyzing the result of a security risk assessment.  Experience with the RMF steps to include categorization, security control selection, implementation plan development, assessment, and continuous monitoring.  Knowledge of the Information Assurance Vulnerability Management (IAVM) process and Common Vulnerabilities and Exposures (CVE) framework.  Experience with PowerShell scripting to automate repetitive tasks and gather security information.  Experience creating, reviewing, and revising security documentation and artifacts.  Experience with Vulnerability Management tools, such as ACAS, including the ability to read and analyze automated vulnerability reports.  Experience with Fortify Static Code analyzer, or another code scanner.  Experience with security information and event management (SIEM) software, such as Splunk or ArcSight.  Experience with Trellix HBSS (Host-Based Security System), to include ePO (E-Policy Orchestrator) administration and searching for rogue systems.  Must possess analytical skills to troubleshoot cybersecurity issues and the ability to conceptualize server infrastructures and configurations.  Experience with Asset Management software, such as Lansweeper or SolarWinds desired.  Experience with troubleshooting security application software, configuring and troubleshooting firewalls, and using protocol analyzers desired.  Experience participating in cyber security inspections and in Computer Network Defense (CND) actions such as incident response desired.  Experience with DoD IT environment and networks.  Must have strong communication skills and be able to work comfortably with all levels of an organization.  Must be a US citizen and hold a current Top Secret clearance with SCI access (TS/SCI).

Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information.

EOE/M/F/Vet/Disabled