Cyber Support Specialist

• Support Assessment and Authorization activities required to validate and maintain RMF compliance for project infrastructure, systems, and services. • Assist in defining cybersecurity and application security requirements for project initiatives. • Support the design, structuring, and testing of security components and control implementations. • Identify, analyze, and report security impacts using COTS vulnerability scanning tools and static and dynamic code scanning tools. • Assist with vulnerability management activities, including findings review, documentation, reporting, and remediation tracking. • Prepare management-level communications, status reporting, and cybersecurity metrics. • Support security assessments of applications and infrastructure against RMF controls and development security requirements. • Document compliance evidence, assessment results, and remediation activities to support ongoing authorization and continuous monitoring. • Collaborate with technical teams, security stakeholders, and program leadership to address security gaps and strengthen compliance posture. • Maintain focus and effectiveness in a high-intensity environment, including support for rotating 12-hour shifts with 4 days on and 3 days off, as required. Required Qualifications • Bachelor's degree in cybersecurity, information technology, computer science, or a related field. ***Active Secret Clearance Requires*** • 3 to 5 years of relevant cybersecurity experience. • Experience supporting RMF and Assessment and Authorization processes. • Knowledge of RMF controls and their applicability to application security. • Experience supporting security requirements definition, control implementation, and testing activities. • Experience identifying, analyzing, and reporting vulnerabilities and security impacts. • Familiarity with COTS vulnerability scanning tools and static and dynamic code scanning tools. • Ability to communicate technical issues, risks, and metrics effectively to management audiences. • Working knowledge of vulnerability management and reporting processes. • Understanding of application security and development security requirements. • Familiarity with OWASP Top 10 and common web application security risks. • Ability to work effectively in a fast-paced operational environment and adapt to changing priorities. • Ability to work a rotating 12-hour shift schedule with 4 days on and 3 days off, when required. Preferred Qualifications • CompTIA Security+ certification. • DoD 8140-compliant certification at the intermediate or advanced level. • Experience in cloud cyber defense. • Experience supporting application security in infrastructure and service environments. • Strong analytical, documentation, and reporting skills. • Ability to prepare concise executive-ready status updates and performance metrics. • Demonstrated adaptability and effectiveness during high-intensity operational periods. Job Specific Skills • Risk Management Framework (RMF) controls and application security - Advanced • Cyber Security Management - Advanced • Cloud Cyber Defense - Intermediate • Code scanning tools - Intermediate • Vulnerability Management and Reporting - Intermediate • OWASP Top 10 - Intermediate • Application Security and Development Security Requirements - Intermediate • Adaptability and operational resilience in rotating shift environments – Intermediate #cjpost nd Key Responsibilities • Support Assessment and Authorization activities required to validate and maintain RMF compliance for project infrastructure, systems, and services. • Assist in defining cybersecurity and application security requirements for project initiatives. • Support the design, structuring, and testing of security components and control implementations. • Identify, analyze, and report security impacts using COTS vulnerability scanning tools and static and dynamic code scanning tools. • Assist with vulnerability management activities, including findings review, documentation, reporting, and remediation tracking. • Prepare management-level communications, status reporting, and cybersecurity metrics. • Support security assessments of applications and infrastructure against RMF controls and development security requirements. • Document compliance evidence, assessment results, and remediation activities to support ongoing authorization and continuous monitoring. • Collaborate with technical teams, security stakeholders, and program leadership to address security gaps and strengthen compliance posture. • Maintain focus and effectiveness in a high-intensity environment, including support for rotating 12-hour shifts with 4 days on and 3 days off, as required.