Journeyman Cybersecurity Specialist (ISSO Focus) - BIM IDIQ

Location: Multiple DAF Bases (NCR and CONUS)

Job Category: Information Technology

Time Type: Full-time

Clearance Requirement: Current DoD Secret Clearance required

Security Suitability: Must be able to obtain and maintain a favorable background investigation

Employee Type: W2 and 1099 options available

Citizenship: US Citizen, no Dual Citizenship

NexThreat is seeking a Journeyman Cybersecurity Specialist with a focus on Information Systems Security Officer (ISSO) responsibilities to support the Department of the Air Force (DAF). This role involves supporting the implementation and maintenance of cybersecurity programs at multiple DAF Bases. You will work as part of a team to ensure compliance with DoD and DAF cybersecurity policies, conduct risk assessments, and support the Risk Management Framework (RMF) process. Experience with site surveys is preferred.

·      Support the development, implementation, and maintenance of cybersecurity plans, policies, and procedures in accordance with DoD, DAF, and RMF requirements.

·      Conduct required reviews as appropriate within environment (e.g., Technical Surveillance, Countermeasure Reviews [TSCM], TEMPEST countermeasure reviews, EMSEC).

·      Assist in the assessment and authorization (A&A) process for information systems, including documentation preparation, security control assessment, and risk mitigation.

·      Conduct vulnerability scans and assist in the remediation of identified vulnerabilities.

·      Monitor security controls and system logs to identify potential security incidents and policy violations.

·      Participate in incident response activities, including investigation, containment, eradication, and recovery.

·      Provide cybersecurity guidance and support to system owners, administrators, and users.

·      Maintain accurate and up-to-date records of system configurations, security documentation, and incident reports.

·      Collaborate with other cybersecurity personnel and stakeholders to ensure a consistent and effective security posture.

·      Participate in cybersecurity meetings and interact with USG RMF personnel.

·      Conduct site surveys to assess controls.

·      Adhere to all applicable Communications Security (COMSEC) regulations, policies, and procedures.

·      Maintain COMSEC-related documentation.

·      Stay current with relevant cybersecurity regulations, policies, and best practices.

·      Required: Experience with the DoD Risk Management Framework (RMF) process.

·      Preferred: Experience with tools such as ACAS, SCAP, eMASS, Xacta, Splunk, and Microsoft Sentinel.

·      Understanding of NIST SP 800-series publications, particularly those related to risk management and security controls.

·      CompTIA Security+ (Foundational Qualification)

·      (ISC)² CAP (Certified Authorization Professional)

·      GIAC Security Essentials Certification (GSEC)

·      Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field, or 4 years of relevant experience in lieu of a degree.

·      3 years of experience in cybersecurity, with a focus on ISSO responsibilities or similar roles.

·      Strong understanding of cybersecurity principles, practices, and technologies.

·      Experience with security control implementation, assessment, and documentation.

·      Familiarity with vulnerability management and incident response processes.

·      Excellent verbal and written communication skills.

·      Ability to work both independently and as part of a team.

·      Ability to obtain and maintain a Common Access Card (CAC).