Cyber Defense Operations Security​/Compliance Specialist; ISSO​/ISSE​/IAS​/ISSM

Cyber Defense Operations Security/Compliance Specialist (ISSO/ISSE/IAS/ISSM)

Data Systems Analysts, Inc. (DSA) is seeking a TS/SCI‑cleared Cybersecurity Analyst / Engineer to support the security posture, compliance, and accreditation of enterprise systems in a secure DoD environment. The selected candidate will play a key role in maintaining cybersecurity readiness, supporting Risk Management Framework (RMF) processes, and ensuring the confidentiality, integrity, and availability of mission critical systems.

This position is onsite in Charlottesville, VA.

• Support the implementation, maintenance, and continuous improvement of cybersecurity controls across DoD information systems.
• Conduct system vulnerability scans, evaluate findings, and coordinate remediation with engineering teams.
• Apply and validate DISA STIGs and configuration baselines to ensure compliance with DoD cybersecurity standards.
• Develop, update, and maintain RMF documentation including SSPs, POA&Ms, and Continuous Monitoring (Con Mon) artifacts.
• Assist with ATO package development, renewal, and audit readiness activities.
• Coordinate with ISSMs, ISSEs, and system owners to ensure appropriate risk mitigation strategies are in place.
• Support cybersecurity incident response processes by analyzing alerts and validating corrective actions.
• Participate in design and review of system architectures to ensure compliance with DoD cybersecurity policies.
• Monitor compliance through eMASS, ACAS, and other approved DoD tools.
• Prepare and deliver security status briefings and risk summaries to stakeholders and leadership.

• BS degree in Engineering, Computer Science, or related field (experience may be substituted for degree).
• TS/SCI Clearance.
• DoD 8140 (8570) IAT Level II Certification.

• Minimum 4 years of experience supporting cybersecurity initiatives within the DoD or Intelligence Community.
• Demonstrated understanding of DoD cybersecurity policy, RMF lifecycle, and continuous monitoring practices.
• Familiarity with DoD cybersecurity tools such as eMASS, ACAS, STIGViewer, and Tenable Nessus.
• Experience coordinating with system owners, administrators, and mission partners to resolve security findings.
• Strong written and verbal communication skills, including technical documentation and risk reporting.
• Ability to work independently and collaboratively in secure, cross‑functional environments.
• Experience implementing and validating security controls across operating systems, applications, and networks.
• Hands‑on experience with ACAS, Nessus, Splunk, or SIEM platforms for vulnerability assessment and monitoring.
• Proficiency applying DISA STIGs, SCAP benchmarks, and hardening baselines.
• Experience supporting incident response, forensic analysis, or containment activities.
• Working knowledge of network protocols, system administration, and authentication mechanisms.
• Practical experience supporting Risk Management Framework (RMF) activities for DoD systems.
• Proficiency with eMASS for control tracking, package submission, and authorization maintenance.
• Experience developing and maintaining System Security Plans (SSP), POA&Ms, and Continuous Monitoring documentation.
• Knowledge of NIST SP 800‑37, 800‑53, CNSSI 1253, and associated DoD cybersecurity policies.
• Familiarity with security audit preparation, compliance reviews, and inspection readiness.
• Ability to perform risk analysis, impact assessments, and present findings to stakeholders.
• Experience supporting Authorization to Operate (ATO) renewals, extensions, and interim authorizations.

• CISSP, CAP, CISM, CASP+, or CEH certifications.
• Experience supporting DOD or IC environments.
• Familiarity with Zero Trust principles and modern DoD cybersecurity architecture.
• Experience developing or reviewing security policies and SOPs.
• Strong understanding of continuous authorization and governance processes.
• Familiarity with scripting or automation tools (Power Shell, Python, Ansible) to streamline security tasks.

Many of DSA's positions require the ability to obtain a security clearance. Security clearances may only be granted to U.S. citizens. In addition, applicants who accept a conditional offer of employment may be subject to government security investigation(s) and must meet eligibility requirements for access to classified information. DSA is proud to be an Equal Opportunity Employer. DSA is committed to treating all employees and applicants for employment with respect and dignity and maintaining a workplace that is free from unlawful discrimination.

All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status. DSA requires background checks, by law, and is an E‑Verify Employer.