Cybersecurity Tools Specialist - DOD
INNOVIM, Colorado Springs, CO, United States
Description
INNOVIM is seeking a Cybersecurity Tools Specialist to support the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract.
Location Schriever, SFB, Colorado Springs, CO
Relocation Assistance NONE
Position Closes 3/17/26
Application Requirement Resumes, in month and year format, must be submitted with application in order to be considered for the position.
Responsibilities
Leverage technical skills and knowledge to support mission-oriented cybersecurity.
Engineer systems to function with the required security features in place.
Conduct periodic manual and automated scans and inspections to ensure compliance with the Exercises and Risk Management Framework (RMF) accreditations issued by the MDA Authorizing Official.
Support Information Assurance Vulnerability Management (IAVM) reporting requirements and ensure security patches are installed, as appropriate.
Manage System Security Plan documentation in eMASS and update the eMASS Plan of Actions and Milestones (POA&M) IAW RMF continuous monitoring requirements.
Periodically conduct a complete review of each system’s RMF Control Compliance Indicators (CCI) and monitor corrective actions until all actions are closed.
Apply cybersecurity principles to provide realistic configuration management solutions designed to enhance the cybersecurity posture.
Understand the Risk Management Framework Certification and Accreditation process.
Thoroughly document work and adhere to DoD and MDA level enterprise processes & procedures.
Basic Requirements
Must have 3 or more years of general (full‑time) work experience; may be reduced with completion of advanced education.
Must have 1 or more years of directly related experience.
Must have proven hands‑on experience with a Security Information and Event Management (SIEM) platform, including managing data ingestion, building security monitoring dashboards, and performing query‑based analysis of security events.
Must have experience with an Endpoint Detection and Response (EDR) or Endpoint Protection Platform solution (e.g., ESS (Trellix), Microsoft Defender for Endpoint).
Must perform vulnerability scans using ACAS (Tenable SecurityCenter/Nessus).
Must be flexible to participate in an on‑call rotation and respond to security incidents outside of standard business hours as needed.
Must have experience with both Windows and Linux operating systems.
Must be compliant with DoD 8570/8140 IAT Level II at a minimum (e.g., CompTIA Security+ CE, CySA+, GSEC).
Must have current ACAS certificate.
Must have an active DoD Secret Security Clearance.
Desired Requirements
Strong working knowledge of the DoD Risk Management Framework (RMF) lifecycle.
Experience with the ELK Stack (Elasticsearch, Logstash, and Kibana) or similar log aggregation and monitoring tools.
Experience applying and verifying DISA STIGs (Security Technical Implementation Guides) and familiarity with Ports Protocol and Services Management (PPSM).
Proficiency in a scripting language (e.g., Python, PowerShell, Bash) for automating administrative and security tasks.
Experience with virtualization platforms, particularly VMware (vSphere, ESXi), Ansible etc.
Compensation This position is expected to pay $107,400 – $120,000 annually, depending on experience, education, and any certifications that are directly related to the position.
#J-18808-Ljbffr
Location Schriever, SFB, Colorado Springs, CO
Relocation Assistance NONE
Position Closes 3/17/26
Application Requirement Resumes, in month and year format, must be submitted with application in order to be considered for the position.
Responsibilities
Leverage technical skills and knowledge to support mission-oriented cybersecurity.
Engineer systems to function with the required security features in place.
Conduct periodic manual and automated scans and inspections to ensure compliance with the Exercises and Risk Management Framework (RMF) accreditations issued by the MDA Authorizing Official.
Support Information Assurance Vulnerability Management (IAVM) reporting requirements and ensure security patches are installed, as appropriate.
Manage System Security Plan documentation in eMASS and update the eMASS Plan of Actions and Milestones (POA&M) IAW RMF continuous monitoring requirements.
Periodically conduct a complete review of each system’s RMF Control Compliance Indicators (CCI) and monitor corrective actions until all actions are closed.
Apply cybersecurity principles to provide realistic configuration management solutions designed to enhance the cybersecurity posture.
Understand the Risk Management Framework Certification and Accreditation process.
Thoroughly document work and adhere to DoD and MDA level enterprise processes & procedures.
Basic Requirements
Must have 3 or more years of general (full‑time) work experience; may be reduced with completion of advanced education.
Must have 1 or more years of directly related experience.
Must have proven hands‑on experience with a Security Information and Event Management (SIEM) platform, including managing data ingestion, building security monitoring dashboards, and performing query‑based analysis of security events.
Must have experience with an Endpoint Detection and Response (EDR) or Endpoint Protection Platform solution (e.g., ESS (Trellix), Microsoft Defender for Endpoint).
Must perform vulnerability scans using ACAS (Tenable SecurityCenter/Nessus).
Must be flexible to participate in an on‑call rotation and respond to security incidents outside of standard business hours as needed.
Must have experience with both Windows and Linux operating systems.
Must be compliant with DoD 8570/8140 IAT Level II at a minimum (e.g., CompTIA Security+ CE, CySA+, GSEC).
Must have current ACAS certificate.
Must have an active DoD Secret Security Clearance.
Desired Requirements
Strong working knowledge of the DoD Risk Management Framework (RMF) lifecycle.
Experience with the ELK Stack (Elasticsearch, Logstash, and Kibana) or similar log aggregation and monitoring tools.
Experience applying and verifying DISA STIGs (Security Technical Implementation Guides) and familiarity with Ports Protocol and Services Management (PPSM).
Proficiency in a scripting language (e.g., Python, PowerShell, Bash) for automating administrative and security tasks.
Experience with virtualization platforms, particularly VMware (vSphere, ESXi), Ansible etc.
Compensation This position is expected to pay $107,400 – $120,000 annually, depending on experience, education, and any certifications that are directly related to the position.
#J-18808-Ljbffr