Cyber Security Specialist (Top Secret cleared)

Job description

The Work We are seeking a Senior Cybersecurity Engineer with deep experience supporting the Risk Management Framework (RMF) and Authorization to Operate (ATO) lifecycle for federal information systems. This role focuses on STIG compliance, vulnerability management, POA&M tracking, and incident response for high‑impact systems operating in classified environments. Key Responsibilities: Provide end-to-end RMF and ATO support, including development, maintenance, and submission of security authorization packages. Manage and maintain eMASS artifacts, ensuring accuracy, completeness, and audit readiness. Conduct and oversee STIG compliance activities across operating systems, databases, and platforms; document findings and remediation actions. Identify, track, and manage Plans of Action and Milestones (POA&Ms), coordinating with technical teams to drive remediation to closure. Perform and review vulnerability assessments using tools such as Nessus and STIG scanning utilities; analyze results and recommend mitigation strategies. Support incident response activities, including investigation, reporting, and coordination with security leadership and stakeholders. Develop and update RMF docum...