<p>Security Policy Implementation: Assist Information System Security Managers (ISSMs) in the development, implementation, and enforcement of security policies, standards, and procedures to ensure the protection of information systems and data. Configuration Management: Ensure that all information systems are configured securely according to DoD & organizational policies, industry's best practices, and security baselines. Risk Management: Conduct risk assessments to identify potential security threats and vulnerabilities. Develop and implement mitigation strategies to reduce risk and ensure business continuity. Assess the impact of changes in the IT environment and update the risk management framework accordingly. Security Compliance: Ensure that information systems comply with relevant government and industry standards, such as NIST, and DoD regulations. Demonstrate familiarity with RMF processes for assessments and authorization efforts to prepare and maintain documentation for ATO compliance activities. Continuous Monitoring: Implement and manage continuous monitoring processes to maintain compliance with ATO requirements. Utilize Security Information and Event Management (SIEM) tools (e.g., Greylog, ElkStack, Splunk) to monitor system activities, analyze logs, and identify & report suspicious behavior & anomalous findings. Security Audits: Conduct regular security audits and assessments to evaluate the effectiveness of security measures and identify areas for improvement. Develop and implement remediation plans to address identified vulnerabilities. Collaboration: Work closely with other IT and security professionals, including system administrators, network engineers, and security analysts, to ensure a coordinated approach to cybersecurity. Liaise with external stakeholders & partnering agencies as needed. Documentation: Maintain comprehensive documentation of security policies, procedures, system configurations, and security incidents. Prepare reports for management on security status, compliance efforts, and incident response activities. Security Enhancements: Research, evaluate, and recommend security enhancements to improve the overall security posture of the organization. Stay updated with the latest security trends, technologies, and threats. Minimum of 3 years of experience in a similar ISSO or cybersecurity role. Proficiency in using security tools and technologies, such as VLANs, SIEMs, Static Application Security Testing (SAST) tools, network monitoring tools, and endpoint protection platforms (EPP). In-depth knowledge of network security, application security, and endpoint security principles. Strong understanding of operating systems (Windows, Linux, etc.) and their security configurations. Hands-on experience with ElkStack or other similar SIEM applications for security monitoring and log analysis. Experience with security compliance and regulatory requirements, including NIST USAF, and DoD regulations. Strong analytical and problem-solving abilities, with the capability to analyze complex security issues and develop practical solutions. Excellent written and verbal communication skills, with the ability to effectively communicate technical information to both technical and non-technical stakeholders. Ability to work independently and collaboratively in small team environments. Must possess a Secret clearance. Must hold a minimum Cybersecurity certification, such as Security+ or an applicable DoD 8140 certification (e.g., GSEC, CISM, CGRC, CISSP). Experience with eMASS. Experience with on-premise cloud instantiations. Experience with Microsoft Azure or Amazon Web Service configurations. Experience supporting Cross Domain Solutions High attention to detail. Associates degree and 2 additional years of relevant experience Bachelors degree (Preferred)</p>