Cyber Defense Operations Security​/Compliance Specialist; ISSO​/ISSE​/IAS​/ISSM

Cyber Defense Operations Security/Compliance Specialist (ISSO/ISSE/IAS/ISSM)

Description

Data Systems Analysts, Inc. (DSA) is seeking a TS/SCI-cleared Cybersecurity Analyst / Engineer to support the security posture, compliance, and accreditation of enterprise systems in a secure DoD environment. The selected candidate will play a key role in maintaining cybersecurity readiness, supporting Risk Management Framework (RMF) processes, and ensuring the confidentiality, integrity, and availability of mission critical systems.

The Cybersecurity Analyst / Engineer will collaborate with both technical and compliance teams, supporting initiatives from vulnerability remediation and control implementation to RMF documentation and authorization sustainment. This role is suited for professionals with a strong foundation in DoD cybersecurity operations.

This position is onsite in Charlottesville, VA.

Responsibilities:

• Support the implementation, maintenance, and continuous improvement of cybersecurity controls across DoD information systems.
• Conduct system vulnerability scans, evaluate findings, and coordinate remediation with engineering teams.
• Apply and validate DISA STIGs and configuration baselines to ensure compliance with DoD cybersecurity standards.
• Develop, update, and maintain RMF documentation including SSPs, POA&Ms, and Continuous Monitoring (Con Mon) artifacts.
• Assist with ATO package development, renewal, and audit readiness activities.
• Coordinate with ISSMs, ISSEs, and system owners to ensure appropriate risk mitigation strategies are in place.
• Support cybersecurity incident response processes by analyzing alerts and validating corrective actions.
• Participate in design and review of system architectures to ensure compliance with DoD cybersecurity policies.
• Monitor compliance through eMASS, ACAS, and other approved DoD tools.
• Prepare and deliver security status briefings and risk summaries to stakeholders and leadership.

Required Education, Certifications and Security Clearance

• BS degree in Engineering, Computer Science, or related field
  • Experience may be substituted for degree.
• TS/SCI Clearance

Requirements Experience/

Qualifications:

• Minimum 4 years of experience supporting cybersecurity initiatives within the DoD or Intelligence Community.
• Demonstrated understanding of DoD cybersecurity policy, RMF lifecycle, and continuous monitoring practices.
• Familiarity with DoD cybersecurity tools such as eMASS, ACAS, STIGViewer, and Tenable Nessus.
• Experience coordinating with system owners, administrators, and mission partners to resolve security findings.
• Strong written and verbal communication skills, including technical documentation and risk reporting.
• Ability to work independently and collaboratively in secure, cross‑functional environments.
• Experience implementing and validating security controls across operating systems, applications, and networks.
• Hands on experience with ACAS, Nessus, Splunk, or SIEM platforms for vulnerability assessment and monitoring.
• Proficiency applying DISA STIGs, SCAP benchmarks, and hardening baselines.
• Experience supporting incident response, forensic analysis, or containment activities.
• Working knowledge of network protocols, system administration, and authentication mechanisms.
• Practical experience supporting Risk Management Framework (RMF) activities for DoD systems.
• Proficiency with eMASS for control tracking, package submission, and authorization maintenance.
• Experience developing and maintaining System Security Plans (SSP), POA&Ms, and Continuous Monitoring documentation.
• Knowledge of NIST SP 800-37, 800-53, CNSSI 1253, and associated DoD cybersecurity policies.
• Familiarity with security audit preparation, compliance reviews, and inspection readiness.
• Ability to perform risk analysis, impact assessments, and present findings to stakeholders.
• Experience supporting Authorization to Operate (ATO) renewals, extensions, and interim authorizations.

Preferred Experience /

Qualifications:

• CISSP, CAP, CISM, CASP+, or CEH certifications.
• Experience supporting DOD, or IC environments.
• Familiarity with Zero Trust principles and modern DoD cybersecurity architecture.
• Experience developing or reviewing security…