Information System Security Specialist III Security Clearance

Position: (626) Information System Security Specialist III with Security Clearance
Company Summary Arlo Solutions (Arlo) is an information technology consulting services company that specializes in delivering technology solutions. Our reputation reflects the high quality of the talented Arlo Solutions team and the consultants working in partnership with our customers. Our mission is to understand and meet the needs of both our customers and consultants by delivering quality, value-added solutions. Our solutions are designed and managed to not only reduce costs, but to improve business processes, accelerate response time, improve services to end-users, and give our customers a competitive edge, now and into the future.

Position Overview The Specialist, Information System Security III (SISS3) will support the Naval Surface Warfare Center Philadelphia Division (NSWCPD) Department 40 as contractor staff through Arlo Solutions. This key personnel position provides senior-level cybersecurity expertise and technical execution in support of Propulsion, Power & Auxiliary Machinery Systems Cybersecurity requirements, with specific focus on Risk Management Framework (RMF) lifecycle activities, Assessment & Authorization (A&A), and ongoing compliance and assurance across Navy afloat and ashore environments.

The SISS3 is responsible for the development, validation, implementation, and continuous monitoring of cybersecurity controls in accordance with Department of Defense (DoD), Department of Navy (DON), and Naval Sea Systems Command (NAVSEA) policy.

Work Location:

Primary:
Philadelphia, PA; periodic travel to customer and operational sites may be required Clearance:
Active Secret security clearance

Job Responsibilities and/or Success Factors Cybersecurity Assessment and Implementation
* Conduct risk and vulnerability assessments of planned and installed systems to identify vulnerabilities, risks, and protection needs
* Execute Security Assessment Plans (SAPs) by conducting on-site testing for afloat and Platform Information Technology (PIT) ashore systems
* Apply Security Technical Implementation Guides (STIGs), Security Requirements Guides (SRGs), and perform Assured Compliance Assessment Solution (ACAS) scanning
* Implement security patches and configuration changes to obtain cybersecurity compliance and remediate vulnerabilities
* Perform analysis of logs, events, and reporting from various data collection tools including ACAS, Host Based Security Systems (HBSS), Security Information and Event Management (SIEM), firewall systems, and intrusion detection systems Risk Management Framework (RMF) Support
* Develop and maintain Plan of Action and Milestones (POA&M) for all Information Assurance-related tasks and deliverables in Enterprise Mission Assurance Support Service (eMASS)
* Support continuous monitoring activities for authorized systems to maintain Authorization to Operate (ATO) status
* Document residual risks based on package content and assessment results for Security Controls Assessor review
* Maintain current vulnerability scan data and residual risk POA&Ms in Vulnerability Remediation Asset Manager (VRAM)
* Ensure compliance with NIST SP-800-37, SP-800-53 Rev 4, DoD Instruction 8510.01, and NAVSEA Business Rules Systems Security and Monitoring
* Conduct systems security reviews, audits, and evaluations to ensure accreditation documents accurately represent current risk posture
* Monitor and assess impacts from observed cybersecurity risks and report via the Cybersecurity Program chain of command
* Perform evaluation of system administrator and security engineer proposed corrections to ensure compliance
* Test systems to verify adequate functionality for mission and project requirements
* Support Information Assurance Vulnerability Management (IAVM) activities including remediation, patching, and scanning Technical Documentation and Reporting
* Develop technical documentation including vulnerability assessments, risk assessments, and security compliance reports
* Create and maintain system architecture diagrams, authorization boundary diagrams, and defense in depth diagrams
* Present and submit data to management, develop comprehensive reports, and produce procedural documentation
* Prepare security-related deliverables in accordance with contract CDRLs and government requirements Operating System Administration
* Provide expert subject matter knowledge of Windows operating systems (Windows 11, 10, 7, XP, 2000, CE 6.0) and Red Hat Enterprise Linux
* Apply system configuration changes and software application updates as required by automated security assessment tools
* Identify, present, and implement improvements to operating system configuration settings to maintain secure operations
* Develop and enhance operating procedures, process guides, and system-level RMF Control Family Plans Compliance and Coordination
* Ensure all security requirements and controls are implemented in accordance with DoD and Navy cybersecurity policies
* Coordinate with government personnel, system owners, and…