ANF – Security Specialist – MABSM

Description

Alaska Northstar Federal is looking for a new Cybersecurity Specialist to join the team on a long-term project. The Cybersecurity Specialist leads the implementation, monitoring, and continual improvement of cybersecurity controls and risk mitigation strategies across cloud-hosted mission systems in Oracle Cloud Infrastructure (OCI). The candidate will work in collaboration with government stakeholders, system owners, system administrators, and developers to ensure that all security requirements are met, best practices adhered to, and compliance achieved in support of DoD, DHA, and federal cybersecurity mandates.

for the Security Specialist will include, but not be limited to:

• Develop, implement, and maintain cybersecurity architecture for cloud-based and hybrid environments in Oracle Cloud Infrastructure (OCI), delivering robust security postures aligned with government cybersecurity frameworks (e.g., DoD RMF, NIST SP 800-53, and organizational policies).
• Conduct vulnerability scans, security assessments, and penetration testing of cloud and on-premises resources, deliver actionable reports, and ensure timely remediation of identified risks and findings.
• Oversee and support the continuous monitoring and incident response process within OCI, utilizing native and third-party cloud security, SIEM, and audit tools to detect, investigate, and resolve security events.
• Support efforts to obtain and maintain Authority to Operate (ATO) for all assigned environments, including preparation and submission of security documentation, POA&M, risk assessments, and audit responses.
• Drive the implementation and sustainment of security controls such as multi-factor authentication (MFA), encryption at-rest/in-transit, firewall rules, identity and access management (IAM) policies, Least Privilege enforcement, and boundary protections.
• Ensure secure configuration baselines are maintained in accordance with STIGs, CIS benchmarks, and DHA-specific guidelines; perform and document regular reviews and updates.
• Collaborate closely with systems engineers, application teams, and database administrators to ensure Dev Sec Ops  practices, secure deployment pipelines, application security reviews, and vulnerability management are fully integrated.
• Serve as the primary responder for cybersecurity incidents, coordinating containment, eradication, and lessons‑learned activities; document responses in accordance with incident response plans and government requirements.
• Monitor cybersecurity regulatory compliance and support audits and inspections; proactively identify gaps and drive continuous process improvement in technical and procedural security controls.
• Assist with the creation and update cybersecurity knowledge resources (e.g., SOPs, security architecture diagrams, training modules, lessons learned, SharePoint resources) to ensure optimal knowledge transfer and mission continuity.
• Provide regular status briefings, risk summaries, and expert consultation to government leadership, program managers, and other stakeholders.

Candidate must be a U.S. Citizen Candidate must have an active DoD Secret Clearance Candidate must have a bachelor’s degree Candidate must have an active Security CE (or equivalent) Candidate must have at least 4 years of experience in the following:

• Working in cybersecurity roles supporting government, DoD, DHA, or federal contracts
• Cloud-native security in Oracle Cloud Infrastructure or similar major IaaS providers.
• Strong understanding of Secure Cloud Architecture, Identity and Access Management, encryption strategies, and vulnerability management within OCI.
• Demonstrated proficiency with DoD RMF, NIST SP 800-53, FedRAMP, FISMA, and experience preparing and sustaining ATO packages.
• Security monitoring and SIEM solutions (e.g., Oracle Cloud Guard, Splunk) and incident response in cloud and hybrid environments.
• Hands‑on technical skills in secure configuration of compute, network, database, and application resource.
• Automation/scripting to support compliance (e.g., with Python, Power Shell, Terraform, or Ansible).
• Excellent oral and written communication skills for producing clear…