IA Security Specialist

Dark Wolf Solutions is seeking an IA Security Specialist to join our team. The successful candidate will provide Information Systems Security support for enterprise network assets. A strong understanding of DoD STIG/IAVA and compliance processes is necessary to be successful in this position. Assured Compliance Assessment Solution (ACAS) is the primary tool used to facilitate a compliant and secure network. The auditing environment consists of Cisco Identity Service Engine (ISE), SolarWinds, Marine Corps Database (MCD), Operational Directive Reporting System (OPDRS), RedSeal, DISA STIG Viewer, Enterprise Mission Assurance Support Service (eMASS), Microsoft Defender for Endpoint (MDE), and vulnerability scanning tools such as ACAS. Auditing compliance aligns with Defense Information Systems Agency (DISA) Secure Technical Implementation Guides (STIGs). This role is located in Arlington, VA. Responsibilities include but are not limited to: 

• Conducting vulnerability scans on a regularly scheduled and ad hoc basis.
• Providing regularly updated lists of systems scanned and individual scan results to system owners and engineers.
• Maintaining configuration items and execute functions on vulnerability management platforms, including ACAS, Nessus, STIG Validation Scans, and Manual Checks.
• Creating essential documentation, including procedures, scanning reports, and remediation reports.
• Providing analysis and metrics on vulnerabilities to drive remediation throughout the organization.
• Serving as a subject matter expert for vulnerability scanning and STIG compliance procedures, specifically ACAS 5.4 or higher.
• Assisting system engineers by validating device configurations and completing STIG checklists quarterly.
• Working closely with the A&A team to assist with the development of Risk Management Framework (RMF) plans.
• Assisting with Security Content Automation Protocol (SCAP) scans to validate compliancy.
• Supporting DODI 8500.2 IA Controls and reciprocity efforts.
• Attending meetings and providing recommendations concerning Risk Management and mitigation efforts for organizational assets.
• Reviewing account creation and modification tickets using the Remedy tool with high attention to detail.

Required Qualifications:

• Strong understanding of DoD STIG/IAVA and compliance processes.
• Expertise in ACAS 5.4 or higher execution and operation.
• Experience with vulnerability management tools such as Nessus and SCAP.
• Familiarity with the RMF process and DODI 8500.2 IA Controls.
• Experience using the Remedy tool for ticket review.
• Excellent attention to detail and documentation skills.
• Ability to work directly with system engineers to identify changes and coordinate mitigation efforts.
• The ideal candidate has a background as an Information Systems Security Officer and/or Information Systems Security Engineer (ISSE) has a strong systems security mindset and is very detailed oriented with strong written and oral communication skills.
• DoD 8570 IAT II Level Certification Required (CCNA-Security, CySA, GICSP, GSEC, Security+CE, SSCP).  Can start with lower level 8570 cert but must attain within 180 days.
• US Citizenship and a Secret security clearance 

Work Environment:

• Support provided for enterprise network assets within a complex auditing environment.
• Collaboration with system owners, engineers, and A&A teams.
• Requirement to handle regularly scheduled and ad hoc technical tasks.

We are proud to be an EEO/AA employer Minorities/Women/Veterans/Disabled and other protected categories.

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.