Intelligence Security Specialist with Security Clearance

This position is contingent upon funding with an expected start date of December 2025 TS/SCI Clearance required SRG is seeking an Intelligence Security Specialist to manage Risk Management Framework (RMF) activities, focusing on Step 5 authorization and continuous monitoring. Key tasks include conducting STIG assessments, performing vulnerability assessments with ACAS, managing RMF packages via eMASS or XACTA, and developing POA&Ms. You'll also support RMF Step 5 authorizations, provide risk reduction recommendations, manage privileged user compliance, and ensure adherence to Navy and DoD policies on removable media. This role offers the chance to make a significant impact in cybersecurity and RMF. On-site only, no telework. Position Responsibilities: Perform RMF activities throughout all lifecycle phases, with a focus on Step 5 authorization and continuous monitoring support.
Conduct STIG assessments using SCAP benchmarks and Evaluate STIG to ensure compliance with DoD security requirements.
Perform vulnerability assessments utilizing the Assured Compliance Assessment Solution (ACAS) and recommend mitigation strategies.
Utilize eMASS or XACTA for managing RMF packages, documenting artifacts, and supporting ATO processes.
Develop and maintain Plans of Action and Milestones (POA&Ms), ensuring accuracy and timely updates.
Support RMF Step 5 authorizations in the role of an Information System Security Engineer (ISSE) or Information System Security Officer (ISSO).
Provide clear, actionable risk reduction recommendations to technical and non-technical stakeholders.
Manage privileged user compliance documentation, Cybersecurity Workforce (CSWF) training, and certification tracking.
Research, interpret, and communicate Cyber Task Orders (CTOs), ensuring proper implementation and documentation.
Track RMF documentation requirements and coordinate updates with system owners and responsible POCs.
Review Interconnection Security Agreements (ISAs) to verify technical details and compliance with ATO boundaries.
Maintain tracking, control, and destruction of removable media in accordance with Navy and DoD policies. Required Qualifications: Education: Bachelor's degree in Cybersecurity, Cyber Operations, Cyber Engineering, Information System, Information Technology, Computer, Electrical, or Electronics Engineering, Software Engineering, Computer Science, Mathematics with a concentration in Computer Science, or equivalent to above disciplines. Certification:

• DoD 8570.01-M in accordance with (IAW) DFARS Baseline Certification, minimum IAT Level II. Experience:

• Ten (10) years of full-time professional experience in performing Risk Management Framework activities.

• Demonstrated experience in the following areas:
o Performing STIG assessments to include using SCAP benchmarks and EvaluateSTIG;
o Performing vulnerability assessments with the Assured Compliance Assessment Solution tool.
o Using eMASS or XACTA for RMF package management.
o Developing Plans of Actions and Milestones (POA&M) entries.
o Completing Risk Management Framework Step 5 authorizations in the ISSE capacity or Information System Security Officer (ISSO) capacity; and
o Communicating risk reduction recommendations to stakeholders.

• Demonstrated experience in any of the following areas:

• Managing privileged user documentation, training, and CSWF requirements.

• Researching and evaluating Cyber Task Orders (CTOs) and detailing implementation requirements.

• Reviewing Interconnection Security Agreements (ISAs) for technical details and ensuring within ATO parameters; or

• Maintaining inventory, tracking, and destruction of removable media.